Cross-Site Scripting Vulnerability in WP Google Map Plugin by WordPress
CVE-2018-0577

5.4MEDIUM

Key Information:

Vendor: Wordpress
Status: WP Google Map Plugin
Vendor: CVE Published:; 14 May 2018

What is CVE-2018-0577?

A cross-site scripting vulnerability exists in the WP Google Map Plugin for WordPress, allowing remote attackers to inject arbitrary web scripts or HTML. This can lead to potential exploits that compromise user data and site integrity. Users of versions prior to 4.0.4 should update their plugins promptly to mitigate this risk.

Affected Version(s)

WP Google Map Plugin prior to version 4.0.4

References

https://wordpress.org/plugins/wp-google-map-plugin/#devel...

x_refsource_MISC

http://jvn.jp/en/jp/JVN01040170/index.html

third-party-advisoryx_refsource_JVN

https://wpvulndb.com/vulnerabilities/9610

x_refsource_MISC

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2018
Vulnerability Reserved
Nov 27, 2017

Wordpress

What is CVE-2018-0577?

Affected Version(s)

References

CVSS V3.1

Timeline