CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47767 – WordPress Interactive World Map Plugin <= 3.2.0 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-47767
14 Nov 2023 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fla-shop.Com Interactive World Map plugin <= 3.2.0 versions. Vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web ('cross-site Scripting') en el complemento Fla-shop.Com Interactive World Map en versiones <= 3.2.0. The Interactive World Map plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via an unknown parameter in all versions up to, and inc... • https://patchstack.com/database/vulnerability/interactive-world-map/wordpress-interactive-world-map-plugin-3-2-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45650 – WordPress HTML5 Maps Plugin <= 1.7.1.4 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-45650
12 Oct 2023 — Cross-Site Request Forgery (CSRF) vulnerability in Fla-shop.Com HTML5 Maps plugin <= 1.7.1.4 versions. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Fla-shop.Com HTML5 Maps en versiones <= 1.7.1.4. The HTML5 Maps plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.1.4. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unknown action g... • https://patchstack.com/database/vulnerability/html5-maps/wordpress-html5-maps-plugin-1-7-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45060 – WordPress Interactive World Map Plugin <= 3.2.0 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-45060
03 Oct 2023 — Cross-Site Request Forgery (CSRF) vulnerability in Fla-shop.Com Interactive World Map plugin <= 3.2.0 versions. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Fla-shop.Com Interactive World Map en versiones <= 3.2.0. The Interactive World Map plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on one of its functions. This makes it possible for unauthenticated attackers to inv... • https://patchstack.com/database/vulnerability/interactive-world-map/wordpress-interactive-world-map-plugin-3-2-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5983 – HTML5 Maps <= 1.6.5.6 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2019-5983
24 Jun 2019 — Cross-site request forgery (CSRF) vulnerability in HTML5 Maps 1.6.5.6 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. Una vulnerabilidad de tipo cross-site request forgery (CSRF) en HTML5 Maps versión 1.6.5.6 y anteriores, permite a los atacantes remotos secuestrar la autenticación de administradores por medio de vectores no especificados. • https://jvn.jp/en/jp/JVN49575131/index.html • CWE-352: Cross-Site Request Forgery (CSRF) •