RSS   Vulnerabilities for 'Easy2map-photos'   RSS

2019-02-15
 
CVE-2015-4617

CWE-22
 

 
Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.php allows path traversal when specifying file names creating files outside of the upload directory.

 
 
CVE-2015-4615

CWE-89
 

 
Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized mapTemplateName, mapName, mapSettingsXML, parentCSSXML, photoCSSXML, mapCSSXML, mapHTML,mapID variables

 


Copyright 2024, cxsecurity.com

 

Back to Top