{
  "id": "CVE-2024-13220",
  "sourceIdentifier": "contact@wpscan.com",
  "published": "2025-01-31T06:15:28.623",
  "lastModified": "2025-02-18T19:15:12.920",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The WordPress Google Map Professional (Map In Your Language) WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
    },
    {
      "lang": "es",
      "value": "El complemento WordPress Google Map Professional (Map In Your Language) para WordPress hasta la versi\u00f3n 1.0 no desinfecta ni escapa un par\u00e1metro antes de mostrarlo nuevamente en la p\u00e1gina, lo que genera un Cross-Site Scripting Reflejado que podr\u00eda usarse contra usuarios con privilegios altos, como el administrador."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://wpscan.com/vulnerability/33ef27b4-e88f-46ec-9b3f-0a3e16d6f82e/",
      "source": "contact@wpscan.com"
    }
  ]
}