CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2018-14071 – Geo Mashup - < 1.10.4 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-14071
16 Jul 2018 — The Geo Mashup plugin before 1.10.4 for WordPress has insufficient sanitization of post editor and other user input. El plugin Geo Mashup en versiones anteriores a la 1.10.4 para WordPress tiene un saneamiento insuficiente de post editor y otras entradas del usuario. • https://github.com/cyberhobo/wordpress-geo-mashup/blob/master/readme.txt • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2015-1383 – Geo Mashup < 1.8.3 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-1383
27 Jan 2015 — Cross-site scripting (XSS) vulnerability in the geo search widget in the Geo Mashup plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the search key. Vulnerabilidad de XSS en el Widget 'geo search' en el plugin Geo Mashup anterior a 1.8.3 para WordPress permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de la clave de búsqueda. WordPress Geo Mashup plugin versions 1.8.2 and below suffer from a cross site scripting vu... • https://packetstorm.news/files/id/130150 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •