Описание
The WP Go Maps (formerly WP Google Maps) WordPress plugin before 9.0.48 does not sanitize user input provided via an AJAX action, allowing unauthenticated users to store XSS payloads which are later retrieved from another AJAX call and output unescaped.
EPSS
Процентиль: 89%
0.05088
Низкий
8.8 High
CVSS3
Дефекты
Связанные уязвимости
CVSS3: 6.1
github
3 месяца назад
The WP Go Maps (formerly WP Google Maps) WordPress plugin before 9.0.48 does not sanitize user input provided via an AJAX action, allowing unauthenticated users to store XSS payloads which are later retrieved from another AJAX call and output unescaped.
EPSS
Процентиль: 89%
0.05088
Низкий
8.8 High
CVSS3