WP Google Maps <= 7.11.34 - CSRF to Stored XSS



Description
Lack of CSRF and authorisation checks, as well as sanitisation in the wpgmaps_head() function in legacy-core.php can lead to stored XSS issues

Affects Plugin

fixed in version 7.11.35

References

CVE 2019-14792
URL https://plugins.trac.wordpress.org/changeset/2119722

Classification

Type MULTI

Miscellaneous

Views 3490
Verified No
WPVDB ID 9442

Timeline

Publicly Published 2019-07-08 (3 months ago)
Added 2019-07-09 (3 months ago)
Last Updated 2019-08-13 (2 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin