CVE-2012-10018

CVSS V2 None CVSS V3 None

Description

The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery in versions up to, and including 6.1, 1.0 respectively. This makes it possible for attackers to forgery requests coming from a vulnerable site's server and ultimately perform an XSS attack if requesting an SVG file.

Overview

CVE ID
CVE-2012-10018

Assigner
Wordfence

Vulnerability Status
PUBLISHED

Published Version
2024-10-16T06:43:33.160Z

Last Modified Date
2024-10-16T18:05:36.335Z

Weakness Enumerations

CWE	URL
CWE-918	http://cwe.mitre.org/data/definitions/918.html

References

Reference URL	Reference Tags
https://www.wordfence.com/threat-intel/vulnerabilities/id/5aacabb5-94af-485a-af24-e84db3e3726f?source=cve
https://packetstormsecurity.com/files/161919/
https://packetstormsecurity.com/files/161920/
https://www.mapplic.com/docs/#changelog
https://plugins.trac.wordpress.org/changeset/2503447

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2012-10018
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-10018

History

Created	Old Value	New Value	Data Type	Notes
2024-10-17 10:01:47				Added to TrackCVE