Cross-Site Scripting Vulnerabilities in WP Google Maps Plugin for WordPress
CVE-2014-7182

Currently unrated

Key Information:

Vendor

Wordpress
Status
WP Go Maps
Vendor
CVE Published:
22 October 2014

What is CVE-2014-7182?

Multiple cross-site scripting (XSS) vulnerabilities exist in the WP Google Maps plugin before version 6.0.27. These flaws allow remote attackers to inject arbitrary web scripts or HTML into the application. Exploitation can occur via the poly_id parameter through actions such as edit_poly, edit_polyline, or edit_marker on the wp-admin/admin.php page. This can lead to unauthorized access and manipulation of user data or site content, severely impacting website integrity and user trust.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://wordpress.org/plugins/wp-google-maps/changelog
x_refsource_CONFIRM
http://www.securityfocus.com/archive/1/533699/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/70597
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.