WP Mapa Politico Espana < 3.7.0 – Authenticated Stored Cross-Site Scripting | CVE 2021-24609

Description

The plugin does not sanitise or escape some of its settings before outputting them in attributes, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed

Proof of Concept

Put the following payload in any of the Maps > Zona setting fields (such as A Coruna): "><script>alert(/XSS/)</script>

Affects Plugins

wp-mapa-politico-spain

Fixed in 3.7.0

References

CVE

CVE-2021-24609

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

CVSS

3.5 (low)

Miscellaneous

Original Researcher

xiahao@webray.com.cn inc

Submitter

xiahao@webray.com.cn inc

Submitter twitter

lAmn9V6MU9Dfb8p

Verified

Yes

WPVDB ID

8b639743-3eb5-4f74-a156-76cb657bbe05

Timeline

Publicly Published

2021-08-05 (about 4 years ago)

Added

2021-08-19 (about 4 years ago)

Last Updated

2022-03-07 (about 3 years ago)

Other

Published

Title

Published

2025-04-22

Title

VForm < 3.1.15 - Authenticated (Administrator+) Stored Cross-Site Scripting

Published

2025-05-16

Title

Dot html,php,xml etc pages <= 1.0 - Reflected Cross-Site Scripting

Published

2014-10-01

Title

Photo Gallery 1.1.30 - Cross Site Scripting

Published

2025-07-17

Title

Amazon Affiliates Addon for WPBakery Page Builder (formerly Visual Composer) <= 1.2 - Reflected Cross-Site Scripting

Published

2025-03-25

Title

Advanced Woo Search < 3.29 - Authenticated (Contributor+) Stored Cross-Site Scripting via aws_search_terms Shortcode