Vulnerabilities > Supsystic > Easy Google Maps > 1.9.17

DATE CVE VULNERABILITY TITLE RISK
2023-06-09 CVE-2023-2526 Unspecified vulnerability in Supsystic Easy Google Maps
The Easy Google Maps plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.11.7.
network
low complexity
supsystic
5.4
5.4
2023-05-28 CVE-2023-33926 Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Google Maps
Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Google Maps plugin <= 1.11.7 versions.
network
low complexity
supsystic CWE-352
8.8
8.8
2022-04-25 CVE-2021-46780 Cross-site Scripting vulnerability in Supsystic Easy Google Maps
The Easy Google Maps WordPress plugin before 1.9.32 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting
network
supsystic CWE-79
4.3
4.3
2021-11-01 CVE-2021-39346 Cross-site Scripting vulnerability in Supsystic Easy Google Maps
The Google Maps Easy WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/modules/marker_groups/views/tpl/mgrEditMarkerGroup.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.9.33.
network
high complexity
supsystic CWE-79
2.1
2.1