Vulnerabilities > Supsystic > Easy Google Maps

DATE CVE VULNERABILITY TITLE RISK
2024-07-02 CVE-2024-5219 Cross-site Scripting vulnerability in Supsystic Easy Google Maps
The Easy Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file upload feature in all versions up to, and including, 1.11.15 due to insufficient input sanitization and output escaping.
network
low complexity
supsystic CWE-79
5.4
5.4
2023-06-09 CVE-2023-2526 Unspecified vulnerability in Supsystic Easy Google Maps
The Easy Google Maps plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.11.7.
network
low complexity
supsystic
5.4
5.4
2023-05-28 CVE-2023-33926 Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Google Maps
Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Google Maps plugin <= 1.11.7 versions.
network
low complexity
supsystic CWE-352
8.8
8.8
2022-04-25 CVE-2021-46780 Cross-site Scripting vulnerability in Supsystic Easy Google Maps
The Easy Google Maps WordPress plugin before 1.9.32 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting
network
supsystic CWE-79
4.3
4.3
2021-11-01 CVE-2021-39346 Cross-site Scripting vulnerability in Supsystic Easy Google Maps
The Google Maps Easy WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/modules/marker_groups/views/tpl/mgrEditMarkerGroup.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.9.33.
network
high complexity
supsystic CWE-79
2.1
2.1