NVD Vulnerability Detail

CVE-2021-24383

Summary	The WP Google Maps WordPress plugin before 8.1.12 did not sanitise, validate of escape the Map Name when output in the Map List of the admin dashboard, leading to an authenticated Stored Cross-Site Scripting issue
Publication Date	June 22, 2021, 5:15 a.m.
Registration Date	June 22, 2021, 10 a.m.
Last Update	Nov. 21, 2024, 2:52 p.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:codecabin:wp_go_maps::::::wordpress::*					8.1.12

Related information, measures and tools

No	URL	タグ
1	http://packetstormsecurity.com/files/163261/WordPress-WP-Google-Maps-8.1.11-Cross-Site-Scripting.html	Exploit Third Party Advisory VDB Entry
2	http://packetstormsecurity.com/files/163261/WordPress-WP-Google-Maps-8.1.11-Cross-Site-Scripting.html	Exploit Third Party Advisory VDB Entry
3	https://wpscan.com/vulnerability/1270588c-53fe-447e-b83c-1b877dc7a954	Exploit Third Party Advisory
4	https://wpscan.com/vulnerability/1270588c-53fe-447e-b83c-1b877dc7a954	Exploit Third Party Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-79	クロスサイト・スクリプティング（XSS）	https://cwe.mitre.org/data/definitions/79.html

JVN Vulnerability Information

WordPress 用 WP Google Maps プラグインにおけるクロスサイトスクリプティングの脆弱性

Title	WordPress 用 WP Google Maps プラグインにおけるクロスサイトスクリプティングの脆弱性
Summary	WordPress 用 WP Google Maps プラグインには、クロスサイトスクリプティングの脆弱性が存在します。
Possible impacts	情報を取得される、および情報を改ざんされる可能性があります。
Solution	ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date	June 7, 2021, midnight
Registration Date	March 11, 2022, 6:08 p.m.
Last Update	March 11, 2022, 6:08 p.m.

Affected System

WP Google Maps

WP Google Maps 8.1.12 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2021-24383	https://www.cve.org/CVERecord?id=CVE-2021-24383
National Vulnerability Database (NVD)
2	CVE-2021-24383	https://nvd.nist.gov/vuln/detail/CVE-2021-24383

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-79	https://jvndb.jvn.jp/ja/cwe/CWE-79.html

ベンダー情報

No	Name	URL
WordPress Plugin Directory
1	WP Google Maps	https://wordpress.org/plugins/wp-google-maps/

その他

No	Name	URL
関連文書
1	WP Google Maps < 8.1.12 - Authenticated Stored Cross-Site Scripting (XSS)	https://wpscan.com/vulnerability/1270588c-53fe-447e-b83c-1b877dc7a954

Change Log

No	Changed Details	Date of change
1	[2022年03月11日] 掲載	March 11, 2022, 6:08 p.m.