Vulnerabilities > Codecabin
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-09 | CVE-2021-36870 | Cross-site Scripting vulnerability in Codecabin WP GO Maps Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in WordPress WP Google Maps plugin (versions <= 8.1.12). | 5.4 |
| 2021-09-09 | CVE-2021-36871 | Cross-site Scripting vulnerability in Codecabin WP GO Maps Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in WordPress WP Google Maps Pro premium plugin (versions <= 8.1.11). | 5.4 |
| 2021-06-21 | CVE-2021-24383 | Cross-site Scripting vulnerability in Codecabin WP GO Maps The WP Google Maps WordPress plugin before 8.1.12 did not sanitise, validate of escape the Map Name when output in the Map List of the admin dashboard, leading to an authenticated Stored Cross-Site Scripting issue | 5.4 |
| 2019-08-09 | CVE-2019-14792 | Cross-site Scripting vulnerability in Codecabin WP GO Maps The WP Google Maps plugin before 7.11.35 for WordPress allows XSS via the wp-admin/ rectangle_name or rectangle_opacity parameter. | 5.4 |
| 2019-04-02 | CVE-2019-10692 | SQL Injection vulnerability in Codecabin WP GO Maps In the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT statement. | 9.8 |
| 2019-03-22 | CVE-2019-9912 | Cross-site Scripting vulnerability in Codecabin WP GO Maps The wp-google-maps plugin before 7.10.43 for WordPress has XSS via the wp-admin/admin.php PATH_INFO. | 6.1 |