The Mapplic and Mapplic Lite plugins for WordPress are...
High severity
Unreviewed
Published
Oct 16, 2024
to the GitHub Advisory Database
Description
Published by the National Vulnerability Database
Oct 16, 2024
Published to the GitHub Advisory Database
Oct 16, 2024
The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery in versions up to, and including 6.1, 1.0 respectively. This makes it possible for attackers to forgery requests coming from a vulnerable site's server and ultimately perform an XSS attack if requesting an SVG file.
References