First published: Mon Feb 12 2024(Updated: )
The MapPress Maps for WordPress plugin before 2.88.15 does not sanitize and escape the map title when outputting it back in the admin dashboard, allowing Contributors and above roles to perform Stored Cross-Site Scripting attacks
Credit: contact@wpscan.com
Affected Software | Affected Version | How to fix |
---|---|---|
Mappresspro Mappress Maps For Wordpress | <2.88.15 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.