CSRF Vulnerability in HTML5 Maps by WordPress
CVE-2019-5983

8.8HIGH

Key Information:

Vendor

WordPress
Status
Html5 Maps
Vendor
CVE Published:
5 July 2019

What is CVE-2019-5983?

A Cross-site Request Forgery (CSRF) vulnerability exists in the HTML5 Maps plugin for WordPress, allowing remote attackers to potentially hijack the authentication of administrators through unspecified methods. This weakness poses a significant risk as it could lead to unauthorized actions being performed on behalf of an admin user, thereby compromising the security of the WordPress site.

Affected Version(s)

HTML5 Maps 1.6.5.6 and earlier

References

https://wordpress.org/plugins/html5-maps/
x_refsource_MISC
https://jvn.jp/en/jp/JVN49575131/index.html
x_refsource_MISC
https://wpvulndb.com/vulnerabilities/9438
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.