|
|
WordPress Leaflet Maps Marker Plugin Multiple Unspecified Input Validation Vulnerabilities
The Leaflet Maps Marker plugin for WordPress is prone to a cross-site scripting vulnerability, an SQL-injection vulnerability, and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Leaflet Maps Marker versions prior to 2.4 are vulnerable. |
|
Privacy Statement |