mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
235 lines
9.2 KiB
JSON
235 lines
9.2 KiB
JSON
{
|
|
"id": "CVE-2014-7182",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2014-10-22T14:55:06.700",
|
|
"lastModified": "2018-10-09T19:52:18.070",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the WP Google Maps plugin before 6.0.27 for WordPress allow remote attackers to inject arbitrary web script or HTML via the poly_id parameter in an (1) edit_poly, (2) edit_polyline, or (3) edit_marker action in the wp-google-maps-menu page to wp-admin/admin.php."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "M\u00faltiples vulnerabilidades de XSS en el plugin WP Google Maps anterior a 6.0.27 para WordPress permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s del paqr\u00e1metro poly_id en una acci\u00f3n (1) edit_poly, (2) edit_polyline, o (3) edit_marker en la p\u00e1gina wp-google-maps-menu en wp-admin/admin.php."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 4.3
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-79"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:*:*:*:*:*:wordpress:*:*",
|
|
"versionEndIncluding": "6.0.26",
|
|
"matchCriteriaId": "906D6DBF-97B5-4C32-9E03-6E05E2A16774"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.0:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "ACA65339-1FD1-4E83-9862-7746192825A3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.01:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "AC108D6B-57CB-4BC5-BCD4-C711933CFAA3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.02:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "6C00FFE6-C1CE-4FDD-8223-F4F882CE235B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.03:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "6C1E50A1-8C7A-4D49-995F-12476651F2E5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.04:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "4178EDFF-0664-40F2-A534-E11BF1B843CE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.05:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "E2292688-F26D-4B9D-9821-1D6B531058CC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.06:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "A440A996-9C33-45A1-B96C-4CAB5141000F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.07:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "A220F437-6C5E-45AC-B127-DF36479C91F1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.08:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "0C1496A2-3311-4D3B-A501-A83C044917B0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.09:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "D5C00268-4D24-4607-B99C-AE00E3860811"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.10:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "B01446D2-FCCA-4E6C-ACFA-B2BF531B0DF3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.11:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "2C7A6E5C-01D8-4C7B-87A9-8E120B9BEAFB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.12:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "22E6BEBB-8013-445E-A61D-CCBE37045B8A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.13:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "E1493572-7D6C-4D87-BE2A-0460260754DB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.14:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "ACB5D1A3-FB44-4934-91E5-656B2BC4D229"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.15:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "0C271C08-C9C7-414F-89D6-B0B4CAF61F4A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.16:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "18814FE5-F1A9-4A4D-8557-6C09AC238979"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.17:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "421A38BA-EB3C-40E0-8458-FD1AF0CB9997"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.18:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "C0C9FCD8-5F66-4E0B-BDAB-56F4663F1C22"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.19:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "6501B9DF-49C6-4499-AE85-5C8BA57343D8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.20:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "D99FAC3B-C59E-4B38-ABE8-02438FB6E7FE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.21:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "1E3632BB-4E9D-43C2-8CB0-D6D780E1B419"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.22:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "06F3B715-46FD-4572-AD14-89C1A65751D9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.23:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "1703645A-E4A7-4157-BD1A-3751DCA888BD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.24:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "995E5546-F734-4107-8D6F-7A0D222533C6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:wpgmaps:wordpress_google_maps_plugin:6.0.25:*:*:*:*:wordpress:*:*",
|
|
"matchCriteriaId": "716F2824-1141-4597-89F4-0A50E6120203"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://packetstormsecurity.com/files/128694/WordPress-WP-Google-Maps-6.0.26-Cross-Site-Scripting.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/533699/100/0/threaded",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/70597",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://wordpress.org/plugins/wp-google-maps/changelog",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.htbridge.com/advisory/HTB23236",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Exploit"
|
|
]
|
|
}
|
|
]
|
|
} |