Codecabin Wp_go_maps

16 CVEs affecting Codecabin Wp_go_maps. Latest disclosed: 2025-01-27. Critical: 1, High: 1.

Top CVEs affecting Codecabin Wp_go_maps
CVESeverityScorePublishedSummary
CVE-2019-10692Critical9.82019-04-02In the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT statement.
CVE-2024-29931High7.12024-03-27Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPGMaps WP Go Maps wp-google-maps.This issue affects WP G…
CVE-2024-5994Medium6.42024-06-14The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Custom JS option in versions up to, and includin…
CVE-2024-3557Medium6.42024-05-24The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpgmza shortcode in all versions up…
CVE-2024-1582Medium6.42024-03-13The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpgmza' shortcode in all versions…
CVE-2023-6627Medium6.12024-01-08The WP Go Maps (formerly WP Google Maps) WordPress plugin before 9.0.28 does not properly protect most of its REST API routes, which attackers can abuse to sto…
CVE-2019-9912Medium6.12019-03-22The wp-google-maps plugin before 7.10.43 for WordPress has XSS via the wp-admin/admin.php PATH_INFO.
CVE-2021-36871Medium5.52021-09-09Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in WordPress WP Google Maps Pro premium plugin (versions <= 8.1.11). Vulnerable pa…
CVE-2021-36870Medium5.52021-09-09Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in WordPress WP Google Maps plugin (versions <= 8.1.12). Vulnerable parameters: &d…
CVE-2021-24383Medium5.42021-06-21The WP Google Maps WordPress plugin before 8.1.12 did not sanitise, validate of escape the Map Name when output in the Map List of the admin dashboard, leading…
CVE-2019-14792Medium5.42019-08-09The WP Google Maps plugin before 7.11.35 for WordPress allows XSS via the wp-admin/ rectangle_name or rectangle_opacity parameter.
CVE-2023-6777Medium5.32024-04-09The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 9.0.34 due…
CVE-2022-47595Medium4.92023-03-14Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Go Maps (formerly WP Google Maps) plugin <= 9.0.15 versions.
CVE-2023-4839Medium4.42024-03-13The WP Go Maps for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 9.0.32 due to insufficient input…
CVE-2025-24742Medium4.32025-01-27Cross-Site Request Forgery (CSRF) vulnerability in WPGMaps WP Go Maps wp-google-maps.This issue affects WP Go Maps: from n/a through <= 9.0.40.
CVE-2014-71822014-10-22Multiple cross-site scripting (XSS) vulnerabilities in the WP Google Maps plugin before 6.0.27 for WordPress allow remote attackers to inject arbitrary web scr…