CVE-2015-4615

Опубликовано: 15 фев. 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized mapTemplateName, mapName, mapSettingsXML, parentCSSXML, photoCSSXML, mapCSSXML, mapHTML,mapID variables

Ссылки

http://www.vapid.dhs.org/advisory.php?v=130
Exploit
Third Party Advisory
https://wordpress.org/plugins/easy2map-photos
Product
Third Party Advisory
http://www.vapid.dhs.org/advisory.php?v=130
Exploit
Third Party Advisory
https://wordpress.org/plugins/easy2map-photos
Product
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:easy2map:easy2map-photos:1.09:*:*:*:*:wordpress:*:*

EPSS

Процентиль: 73%

0.00758

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-755c-vwgj-9jvj