Flippercode
Products by Flippercode Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2024 there have been 0 vulnerabilities in Flippercode . Last year Flippercode had 4 security vulnerabilities published. Right now, Flippercode is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 4 | 6.17 |
| 2022 | 1 | 8.80 |
| 2021 | 2 | 6.00 |
| 2020 | 0 | 0.00 |
| 2019 | 5 | 7.72 |
| 2018 | 1 | 5.40 |
It may take a day or so for new Flippercode vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Flippercode Security Vulnerabilities
Cross-Site Request Forgery (CSRF) vulnerability in flippercode WordPress Plugin for Google Maps WP MAPS (formerly WP Google Map Plugin) plugin <= 4.4.2 versions.
CVE-2023-28172
8.8 - High
- November 12, 2023
Cross-Site Request Forgery (CSRF) vulnerability in flippercode WordPress Plugin for Google Maps WP MAPS (formerly WP Google Map Plugin) plugin <= 4.4.2 versions.
The WP Security Question plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.5
CVE-2021-4386
4.3 - Medium
- July 01, 2023
The WP Security Question plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.5. This is due to missing or incorrect nonce validation on the save() function. This makes it possible for unauthenticated attackers to modify the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Session Riding
** REJECT ** CVE split into individual CVE IDs for each software record.
CVE-2021-4342
- June 07, 2023
** REJECT ** CVE split into individual CVE IDs for each software record.
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerabil
CVE-2023-23878
5.4 - Medium
- April 04, 2023
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in flippercode WordPress Plugin for Google Maps WP MAPS plugin <= 4.3.9 versions.
XSS
Cross-Site Request Forgery (CSRF) vulnerability affecting Delete Marker Category
CVE-2022-25600
8.8 - High
- March 11, 2022
Cross-Site Request Forgery (CSRF) vulnerability affecting Delete Marker Category, Delete Map, and Copy Map functions in WP Google Map plugin (versions <= 4.2.3).
Session Riding
The WP Google Map WordPress plugin before 1.7.7 did not sanitise or escape the Map Title before outputting them in the page, leading to a Stored Cross-Site Scripting issue by high privilege users, even when the unfiltered_html capability is dis
CVE-2021-24502
4.8 - Medium
- August 09, 2021
The WP Google Map WordPress plugin before 1.7.7 did not sanitise or escape the Map Title before outputting them in the page, leading to a Stored Cross-Site Scripting issue by high privilege users, even when the unfiltered_html capability is disallowed
XSS
Unvalidated input in the WP Google Map Plugin WordPress plugin
CVE-2021-24130
7.2 - High
- March 18, 2021
Unvalidated input in the WP Google Map Plugin WordPress plugin, versions before 4.1.5, in the Manage Locations page within the plugin settings was vulnerable to SQL Injection through a high privileged user (admin+).
SQL Injection
The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit category feature.
CVE-2015-9309
8.8 - High
- August 14, 2019
The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit category feature.
Session Riding
The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit map feature.
CVE-2015-9308
8.8 - High
- August 14, 2019
The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit map feature.
Session Riding
The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit location feature.
CVE-2015-9307
8.8 - High
- August 14, 2019
The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit location feature.
Session Riding
The wp-google-map-plugin plugin before 3.1.2 for WordPress has XSS.
CVE-2016-10878
6.1 - Medium
- August 12, 2019
The wp-google-map-plugin plugin before 3.1.2 for WordPress has XSS.
XSS
The wp-google-map-plugin plugin before 2.3.7 for WordPress has XSS related to the add_query_arg() and remove_query_arg() functions.
CVE-2015-9305
6.1 - Medium
- August 12, 2019
The wp-google-map-plugin plugin before 2.3.7 for WordPress has XSS related to the add_query_arg() and remove_query_arg() functions.
XSS
Cross-site scripting vulnerability in WP Google Map Plugin prior to version 4.0.4 for WordPress
CVE-2018-0577
5.4 - Medium
- May 14, 2018
Cross-site scripting vulnerability in WP Google Map Plugin prior to version 4.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
XSS