CVE-2024-52355
- EPSS 0.11%
- Veröffentlicht 11.11.2024 07:15:07
- Zuletzt bearbeitet 15.11.2024 17:51:44
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hyumika OSM – OpenStreetMap allows Stored XSS.This issue affects OSM – OpenStreetMap: from n/a through 6.1.2.
CVE-2024-8991
- EPSS 1.45%
- Veröffentlicht 27.09.2024 07:15:05
- Zuletzt bearbeitet 04.10.2024 18:56:30
The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's osm_map and osm_map_v3 shortcodes in all versions up to, and including, 6.1.0 due to insufficient input sanitization and output escaping on use...
CVE-2024-3604
- EPSS 0.69%
- Veröffentlicht 09.07.2024 09:15:05
- Zuletzt bearbeitet 21.11.2024 09:29:58
The OSM – OpenStreetMap plugin for WordPress is vulnerable to SQL Injection via the 'tagged_filter' attribute of the 'osm_map_v3' shortcode in all versions up to, and including, 6.0.2 due to insufficient escaping on the user supplied parameter and la...
CVE-2024-3603
- EPSS 0.34%
- Veröffentlicht 09.07.2024 09:15:04
- Zuletzt bearbeitet 21.11.2024 09:29:58
The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'osm_map' shortcode in all versions up to, and including, 6.0.2 due to insufficient input sanitization and output escaping on user supplied att...
CVE-2022-30544
- EPSS 0.11%
- Veröffentlicht 17.01.2023 05:15:12
- Zuletzt bearbeitet 21.11.2024 07:02:54
Cross-Site Request Forgery (CSRF) in MiKa's OSM – OpenStreetMap plugin <= 6.0.1 versions.