CVE-2024-9584
- EPSS 0.1%
- Veröffentlicht 25.10.2024 18:15:04
- Zuletzt bearbeitet 05.11.2024 17:04:31
The Image Map Pro plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the AJAX functions in versions up to, and including, 6.0.20. This makes it possible for authenticated atta...
CVE-2024-9585
- EPSS 0.17%
- Veröffentlicht 25.10.2024 18:15:04
- Zuletzt bearbeitet 05.11.2024 17:05:59
The Image Map Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'save_project' function with an arbitrary shortcode in versions up to, and including, 6.0.20 due to insufficient input sanitization and output escaping on use...
CVE-2023-3411
- EPSS 0.08%
- Veröffentlicht 27.06.2023 04:15:10
- Zuletzt bearbeitet 08.04.2026 18:18:10
The Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.0. This is due to missing nonce validation on the ajax_store_save() functio...
CVE-2023-3412
- EPSS 0.11%
- Veröffentlicht 27.06.2023 04:15:10
- Zuletzt bearbeitet 08.04.2026 19:18:25
The Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0.0. This is due to a missing capability check on the ajax_store_save() func...