Vulnerabilities > Easy2Map

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-15	CVE-2015-4617	Path Traversal vulnerability in Easy2Map Easy2Map-Photos 1.09 Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.php allows path traversal when specifying file names creating files outside of the upload directory. network low complexity easy2map CWE-22	7.5
2019-02-15	CVE-2015-4615	SQL Injection vulnerability in Easy2Map Easy2Map-Photos 1.09 Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized mapTemplateName, mapName, mapSettingsXML, parentCSSXML, photoCSSXML, mapCSSXML, mapHTML,mapID variables network low complexity easy2map CWE-89 critical	9.8
2017-12-27	CVE-2015-7669	Path Traversal vulnerability in Easy2Map Multiple directory traversal vulnerabilities in (1) includes/MapImportCSV2.php and (2) includes/MapImportCSV.php in the Easy2Map plugin before 1.3.0 for WordPress allow remote attackers to include and execute arbitrary files via the csvfile parameter related to "upload file functionality." network low complexity easy2map CWE-22 critical	9.8
2017-12-27	CVE-2015-7668	Cross-site Scripting vulnerability in Easy2Map Cross-site scripting (XSS) vulnerability in includes/MapPinImageSave.php in the Easy2Map plugin before 1.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the map_id parameter. network low complexity easy2map CWE-79	6.1

Vulnerabilities > Easy2Map {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Easy2Map"}]}