The Wordfence Threat Intelligence Team discovered two vulnerabilities in MapPress Maps for WordPress , a WordPress plugin with over 80,000 installations. One vulnerability that allowed stored Cross-Site Scripting (XSS) was present in both the free and pro versions of the plugin, while a far more critical vulnerability that allowed Remote Code Execution (RCE) was present in the pro version. A patched version of both MapPress Free and MapPress Pro were released within hours. We strongly recommend updating both the free and pro versions to the latest version, 2.54.2, as soon as possible. Description : Authenticated Map Creation/Deletion Leading to Stored Cross-Site Scripting (XSS) Affected Plugin : MapPress Maps for WordPress Plugin Slug : mappress-google-maps-for-wordpress Affected Versions : <=2.53.8 Free and Pro CVE ID : CVE-2020-12077 CVSS Score : 6.5(Medium) CVSS Vector : CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L Fully Patched Version : 2.53.9 MapPress Maps for Wor
It is a personal Blog, of a freelancer name Lalit yadav, develop customize software,seo solutions,eCommerce solution, web designing,technical consultant,java,php,.net expert,Mobile web,VAS services expert,wordpress,opencart,IVR solution provider and developer.