CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45650 – WordPress HTML5 Maps Plugin <= 1.7.1.4 is vulnerable to Cross Site Request Forgery (CSRF)
https://notcve.org/view.php?id=CVE-2023-45650
12 Oct 2023 — Cross-Site Request Forgery (CSRF) vulnerability in Fla-shop.Com HTML5 Maps plugin <= 1.7.1.4 versions. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Fla-shop.Com HTML5 Maps en versiones <= 1.7.1.4. The HTML5 Maps plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.1.4. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for unauthenticated attackers to perform an unknown action g... • https://patchstack.com/database/vulnerability/html5-maps/wordpress-html5-maps-plugin-1-7-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-5983 – HTML5 Maps <= 1.6.5.6 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2019-5983
24 Jun 2019 — Cross-site request forgery (CSRF) vulnerability in HTML5 Maps 1.6.5.6 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. Una vulnerabilidad de tipo cross-site request forgery (CSRF) en HTML5 Maps versión 1.6.5.6 y anteriores, permite a los atacantes remotos secuestrar la autenticación de administradores por medio de vectores no especificados. • https://jvn.jp/en/jp/JVN49575131/index.html • CWE-352: Cross-Site Request Forgery (CSRF) •