CVE-2023-5975
- EPSS 0.19%
- Veröffentlicht 07.11.2023 11:15:12
- Zuletzt bearbeitet 21.11.2024 08:42:54
The ImageMapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.6. This is due to missing or incorrect nonce validation on multiple functions. This makes it possible for unauthenticated attackers...
CVE-2023-5506
- EPSS 0.06%
- Veröffentlicht 07.11.2023 11:15:11
- Zuletzt bearbeitet 21.11.2024 08:41:54
The ImageMapper plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'imgmap_delete_area_ajax' function in versions up to, and including, 1.2.6. This makes it possible for authenticated attackers, w...
CVE-2023-5507
- EPSS 0.13%
- Veröffentlicht 07.11.2023 11:15:11
- Zuletzt bearbeitet 21.11.2024 08:41:54
The ImageMapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'imagemap' shortcode in versions up to, and including, 1.2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it p...
CVE-2023-5532
- EPSS 0.14%
- Veröffentlicht 07.11.2023 11:15:11
- Zuletzt bearbeitet 21.11.2024 08:41:57
The ImageMapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.6. This is due to missing or incorrect nonce validation on the 'imgmap_save_area_title' function. This makes it possible for unauth...