CVE-2023-1913: Diff [2876127:2893821] for google-maps-widget/trunk – WordPress Plugin Repository

The Maps Widget for Google Maps for WordPress is vulnerable to Stored Cross-Site Scripting via widget settings in versions up to, and including, 4.24 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
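As an added illustration (not the plugin code shown in the diff below), a minimal `WP_Widget` whose `update()` sanitizes each setting according to its type, including an allow-list for enumerated options and per-element sanitization of array settings, and whose `widget()` escapes for the output context; the class, field and option names are assumptions, and the `??` operator assumes PHP 7 or later.

```php
<?php
// Added example, not the plugin's own code: sanitize on save, escape on output.
// Class, field and option names are assumptions for this illustration.
class Example_Map_Widget extends WP_Widget {
    // Allowed values for a setting rendered from a <select> control.
    const ALLOWED_MAP_TYPES = array( 'roadmap', 'satellite', 'terrain', 'hybrid' );

    public function __construct() {
        parent::__construct( 'example_map_widget', 'Example Map Widget' );
    }

    // Called by WordPress when an administrator saves the widget form.
    public function update( $new_instance, $old_instance ) {
        $instance = array();

        // Plain text: strips tags, octets and line breaks.
        $instance['title']   = sanitize_text_field( $new_instance['title'] ?? '' );
        $instance['address'] = sanitize_text_field( trim( $new_instance['address'] ?? '' ) );

        // Enumerated option: reject anything outside the known list.
        $map_type = $new_instance['map_type'] ?? 'roadmap';
        $instance['map_type'] = in_array( $map_type, self::ALLOWED_MAP_TYPES, true ) ? $map_type : 'roadmap';

        // URL: esc_url_raw() keeps only allowed protocols, unlike sanitize_text_field().
        $instance['link'] = esc_url_raw( trim( $new_instance['link'] ?? '' ) );

        // Numeric bounds, the same min/max clamp pattern the patched plugin uses.
        $instance['width'] = min( 640, max( 50, absint( $new_instance['width'] ?? 0 ) ) );

        // Rich text: post-safe HTML is kept, script tags and on* handlers are removed.
        $instance['footer'] = wp_kses_post( trim( $new_instance['footer'] ?? '' ) );

        // Array setting: an (array) cast alone keeps arbitrary strings; sanitize each element.
        $features = (array) ( $new_instance['features'] ?? array() );
        $instance['features'] = array_map( 'sanitize_text_field', $features );

        return $instance;
    }

    // Output escaping is the second half of the fix: escape for the context being written.
    public function widget( $args, $instance ) {
        echo $args['before_widget'];
        echo '<h3>' . esc_html( $instance['title'] ) . '</h3>';
        echo '<a href="' . esc_url( $instance['link'] ) . '" data-type="' . esc_attr( $instance['map_type'] ) . '">';
        echo esc_html( $instance['address'] ) . '</a>';
        echo '<div class="footer">' . wp_kses_post( $instance['footer'] ) . '</div>';
        echo $args['after_widget'];
    }
}
```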


google-maps-widget/trunk/gmw-widget.php

r2876127

r2893821

454

454

}

455

455

456

$instance\['title'\] = $new\_instance\['title'\];

457

$instance\['address'\] = strip\_tags(trim($new\_instance\['address'\]));

458

459

$instance\['thumb\_pin\_type'\] = $new\_instance\['thumb\_pin\_type'\];

460

$instance\['thumb\_pin\_color'\] = GMW::sanitize\_hex\_color(@$new\_instance\['thumb\_pin\_color'\]);

461

$instance\['thumb\_pin\_size'\] = $new\_instance\['thumb\_pin\_size'\];

462

$instance\['thumb\_pin\_label'\] = $new\_instance\['thumb\_pin\_label'\];

463

$instance\['thumb\_pin\_img'\] = trim($new\_instance\['thumb\_pin\_img'\]);

456

$instance\['title'\] = sanitize\_text\_field($new\_instance\['title'\]);

457

$instance\['address'\] = sanitize\_text\_field(trim($new\_instance\['address'\]));

458

459

$instance\['thumb\_pin\_type'\] = sanitize\_text\_field($new\_instance\['thumb\_pin\_type'\]);

460

$instance\['thumb\_pin\_color'\] = GMW::sanitize\_hex\_color(sanitize\_text\_field(@$new\_instance\['thumb\_pin\_color'\]));

461

$instance\['thumb\_pin\_size'\] = sanitize\_text\_field($new\_instance\['thumb\_pin\_size'\]);

462

$instance\['thumb\_pin\_label'\] = sanitize\_text\_field($new\_instance\['thumb\_pin\_label'\]);

463

$instance\['thumb\_pin\_img'\] = sanitize\_text\_field(trim($new\_instance\['thumb\_pin\_img'\]));

464

464

$instance\['thumb\_width'\] = min(640, max(50, (int) $new\_instance\['thumb\_width'\]));

465

465

$instance\['thumb\_height'\] = min(640, max(50, (int) $new\_instance\['thumb\_height'\]));

466

$instance\['thumb\_zoom'\] = $new\_instance\['thumb\_zoom'\];

467

$instance\['thumb\_type'\] = @$new\_instance\['thumb\_type'\];

468

$instance\['thumb\_link\_type'\] = $new\_instance\['thumb\_link\_type'\];

469

$instance\['thumb\_link'\] = trim($new\_instance\['thumb\_link'\]);

470

$instance\['thumb\_header'\] = trim($new\_instance\['thumb\_header'\]);

471

$instance\['thumb\_footer'\] = trim($new\_instance\['thumb\_footer'\]);

472

$instance\['thumb\_color\_scheme'\] = $new\_instance\['thumb\_color\_scheme'\];

473

$instance\['thumb\_format'\] = $new\_instance\['thumb\_format'\];

474

$instance\['thumb\_lang'\] = $new\_instance\['thumb\_lang'\];

475

$instance\['thumb\_powered\_by'\] = $new\_instance\['thumb\_powered\_by'\];

476

$instance\['thumb\_hide\_title'\] = $new\_instance\['thumb\_hide\_title'\];

466

$instance\['thumb\_zoom'\] = sanitize\_text\_field($new\_instance\['thumb\_zoom'\]);

467

$instance\['thumb\_type'\] = sanitize\_text\_field(@$new\_instance\['thumb\_type'\]);

468

$instance\['thumb\_link\_type'\] = sanitize\_text\_field($new\_instance\['thumb\_link\_type'\]);

469

$instance\['thumb\_link'\] = sanitize\_text\_field(trim($new\_instance\['thumb\_link'\]));

470

$instance\['thumb\_header'\] = wp\_kses\_post(trim($new\_instance\['thumb\_header'\]));

471

$instance\['thumb\_footer'\] = wp\_kses\_post(trim($new\_instance\['thumb\_footer'\]));

472

$instance\['thumb\_color\_scheme'\] = sanitize\_text\_field($new\_instance\['thumb\_color\_scheme'\]);

473

$instance\['thumb\_format'\] = sanitize\_text\_field($new\_instance\['thumb\_format'\]);

474

$instance\['thumb\_lang'\] = sanitize\_text\_field($new\_instance\['thumb\_lang'\]);

475

$instance\['thumb\_powered\_by'\] = sanitize\_text\_field($new\_instance\['thumb\_powered\_by'\]);

476

$instance\['thumb\_hide\_title'\] = sanitize\_text\_field($new\_instance\['thumb\_hide\_title'\]);

477

477

478

478

$instance\['lightbox\_fullscreen'\] = (int) $new\_instance\['lightbox\_fullscreen'\];

479

479

$instance\['lightbox\_width'\] = min(2000, max(50, (int) $new\_instance\['lightbox\_width'\]));

480

480

$instance\['lightbox\_height'\] = min(2000, max(50, (int) $new\_instance\['lightbox\_height'\]));

481

$instance\['lightbox\_mode'\] = $new\_instance\['lightbox\_mode'\];

482

$instance\['lightbox\_map\_type'\] = $new\_instance\['lightbox\_map\_type'\];

483

$instance\['lightbox\_zoom'\] = $new\_instance\['lightbox\_zoom'\];

481

$instance\['lightbox\_mode'\] = sanitize\_text\_field($new\_instance\['lightbox\_mode'\]);

482

$instance\['lightbox\_map\_type'\] = sanitize\_text\_field($new\_instance\['lightbox\_map\_type'\]);

483

$instance\['lightbox\_zoom'\] = sanitize\_text\_field($new\_instance\['lightbox\_zoom'\]);

484

484

$instance\['lightbox\_feature'\] = (array) $new\_instance\['lightbox\_feature'\];

485

$instance\['lightbox\_header'\] = trim($new\_instance\['lightbox\_header'\]);

486

$instance\['lightbox\_footer'\] = trim($new\_instance\['lightbox\_footer'\]);

487

$instance\['lightbox\_skin'\] = $new\_instance\['lightbox\_skin'\];

488

$instance\['lightbox\_lang'\] = $new\_instance\['lightbox\_lang'\];

485

$instance\['lightbox\_header'\] = wp\_kses\_post(trim($new\_instance\['lightbox\_header'\]));

486

$instance\['lightbox\_footer'\] = wp\_kses\_post(trim($new\_instance\['lightbox\_footer'\]));

487

$instance\['lightbox\_skin'\] = sanitize\_text\_field($new\_instance\['lightbox\_skin'\]);

488

$instance\['lightbox\_lang'\] = sanitize\_text\_field($new\_instance\['lightbox\_lang'\]);

489

489

490

490

$instance\['core\_ver'\] = GMW::$version;
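Review bot: line 484, `$instance['lightbox_feature'] = (array) $new_instance['lightbox_feature'];`, is left unchanged by this hunk, so each element of that array is still stored unsanitized; consider `array_map('sanitize_text_field', (array) $new_instance['lightbox_feature'])`. Line 469 stores `thumb_link`, a URL, through `sanitize_text_field`, which does not restrict the protocol the way `esc_url_raw` does. The settings that come from select controls (`thumb_pin_type`, `thumb_type`, `thumb_link_type`, `thumb_format`, `lightbox_mode`, `lightbox_map_type`, `lightbox_skin`) would be stricter with an allow-list check against their known option values than with `sanitize_text_field`. Finally, `wp_kses_post` on the header and footer fields still permits post-safe HTML, so the render path must escape on output as well; this hunk covers only the save path, while the advisory also cites insufficient output escaping.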

google-maps-widget/trunk/google-maps-widget.php

r2876127

r2893821

5

5

Description: Display a single image super-fast loading Google Map in a widget. A larger, full featured map is available in a lightbox. Includes a user-friendly interface and numerous appearance options.

6

6

Author: WebFactory Ltd

7

Version: 4.24

7

Version: 4.25

8

8

Author URI: https://www.gmapswidget.com/

9

9

Text Domain: google-maps-widget

11

11

Requires at least: 4.0

12

12

Requires PHP: 5.2

13

Tested up to: 6.1

13

Tested up to: 6.2

14

14

15

15

Copyright 2012 - 2023 WebFactory Ltd (email : [email protected])

google-maps-widget/trunk/readme.txt

r2876127

r2893821

5

5

License URI: http://www.gnu.org/licenses/gpl-2.0.html

6

6

Requires at least: 4.0

7

Tested up to: 6.1

8

Stable tag: 4.24

7

Tested up to: 6.2

8

Stable tag: 4.25

9

9

Requires PHP: 5.2

10

10

181

181

182

182

== Changelog ==

183

= 4.25 =

184

* 2023/04/04

185

* JavaScript is no longer accepted in the widget footer and header fields

183

186

184

187

= 4.24 =

185

188

* 2023/03/07

186

* minor security fixe

189

* minor security fixes

187

190

188

191

= 4.23 =
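Review bot: the 4.25 changelog entry only mentions the header and footer fields, while the patch also wraps every free-text widget setting in `sanitize_text_field`; consider stating the full scope and that it addresses a stored XSS reachable by administrators on multisite installs and installs with `unfiltered_html` disabled, so site owners know why to update. The corrected typo in the 4.24 entry (`* minor security fixe` to `* minor security fixes`) is fine to include in the same revision.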
