Filtered by vendor Mappresspro
Subscribe
Search
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-12675 | 1 Mappresspro | 1 Mappress | 2020-05-29 | 6.5 MEDIUM | 8.8 HIGH |
| The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. NOTE: this issue exists because of an incomplete fix for CVE-2020-12077. | |||||
| CVE-2020-12077 | 1 Mappresspro | 1 Mappress | 2020-04-28 | 6.5 MEDIUM | 8.8 HIGH |
| The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPress does not correctly implement AJAX functions with nonces (or capability checks), leading to remote code execution. | |||||