WordPress Plugin Vulnerabilities

WP Google Maps Pro < 8.1.12 - Multiple Admin+ Stored Cross-Site Scripting

Description

The plugin does not sanitise some of its fields, which could lead to Stored Cross-Site Scripting issues

Affects Plugins

Plugin icon
wp-google-maps-pro
Fixed in 8.1.12

References

CVE
CVE-2021-36871

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
3.5 (low)

Miscellaneous

Original Researcher
Visse
Verified
No
WPVDB ID
4dcd72e7-0035-46f0-aa52-0486ba2d39e9

Timeline

Publicly Published
2021-06-15 (about 4 years ago)
Added
2021-09-10 (about 4 years ago)
Last Updated
2022-04-12 (about 3 years ago)

Other

Published
Title
Published
2022-08-22
Title
Search Exclude < 1.2.7 - Author+ Stored Cross-Site Scripting
Published
2024-03-29
Title
underConstruction < 1.22 - Authenticated (Administrator+) Stored Cross-Site Scripting
Published
2025-02-17
Title
Simple Pricing Tables For WPBakery Page Builder(Formerly Visual Composer) <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2022-01-03
Title
Visual CSS Style Editor < 7.5.4 - Reflected Cross-Site Scripting
Published
2026-01-28
Title
Educare < 1.6.2 - Unauthenticated Stored Cross-Site Scripting