WordPress Plugin Vulnerabilities

HTML5 Maps <= 1.6.5.6 - CSRF & XSS

Description

The HTML5 Maps WordPress plugin was affected by a CSRF & XSS security vulnerability.

Affects Plugins

Plugin icon
html5-maps
Fixed in 1.6.5.7

References

CVE
CVE-2019-5983
URL
https://jvn.jp/en/jp/JVN49575131/index.html
URL
https://plugins.trac.wordpress.org/changeset/2103724/html5-maps

Miscellaneous

Original Researcher
Daisuke Shimizu of Cryptography Laboratory
Submitter
Ryan Dewhurst
Submitter website
https://wpscan.io
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
93400f08-f1f7-4faf-852f-c016ebcd07a3

Timeline

Publicly Published
2019-06-24 (about 6 years ago)
Added
2019-07-09 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2019-05-25
Title
Related YouTube Videos <= 1.9.8 - CSRF & XSS
Published
2019-10-07
Title
Export Users to CSV < 1.4 - Unauthorised CSV Access
Published
2014-12-14
Title
Lightbox Photo Gallery 1.0 - CSRF/XSS
Published
2014-10-17
Title
XCloner - Backup and Restore < 3.1.2 - Multiple Vulnerabilities (RCE & LFI)
Published
2016-02-03
Title
WP-Invoice <= 4.1.0 - Multiple Vulnerabilities