Vulnerabilities > Supsystic
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-18 | CVE-2024-52434 | Code Injection vulnerability in Supsystic Popup Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic Popup by Supsystic allows Command Injection.This issue affects Popup by Supsystic: from n/a through 1.10.29. | 9.1 |
| 2024-09-26 | CVE-2024-47330 | Missing Authorization vulnerability in Supsystic Slider and Social Share Buttons Missing Authorization vulnerability in Supsystic Slider by Supsystic, Supsystic Social Share Buttons by Supsystic.This issue affects Slider by Supsystic: from n/a through 1.8.6; Social Share Buttons by Supsystic: from n/a through 2.2.9. | 8.8 |
| 2024-07-02 | CVE-2024-5219 | Cross-site Scripting vulnerability in Supsystic Easy Google Maps The Easy Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file upload feature in all versions up to, and including, 1.11.15 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-01-16 | CVE-2023-6732 | Cross-site Scripting vulnerability in Supsystic Ultimate Maps The Ultimate Maps by Supsystic WordPress plugin before 1.2.16 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed | 4.8 |
| 2023-12-15 | CVE-2023-49191 | Cross-site Scripting vulnerability in Supsystic Gdpr Cookie Consent Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Supsystic GDPR Cookie Consent by Supsystic allows Stored XSS.This issue affects GDPR Cookie Consent by Supsystic: from n/a through 2.1.2. | 4.8 |
| 2023-12-09 | CVE-2023-5756 | Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Digital Publications BY Supsystic The Digital Publications by Supsystic plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.6. | 8.8 |
| 2023-10-12 | CVE-2023-45068 | Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Contact Form Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Contact Form by Supsystic plugin <= 1.7.27 versions. | 8.8 |
| 2023-07-17 | CVE-2023-3186 | Unspecified vulnerability in Supsystic Popup The Popup by Supsystic WordPress plugin before 1.10.19 has a prototype pollution vulnerability that could allow an attacker to inject arbitrary properties into Object.prototype. | 9.8 |
| 2023-06-09 | CVE-2023-2526 | Unspecified vulnerability in Supsystic Easy Google Maps The Easy Google Maps plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.11.7. | 5.4 |
| 2023-05-28 | CVE-2023-33926 | Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Google Maps Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Google Maps plugin <= 1.11.7 versions. | 8.8 |