← Back

Responsive Vector Maps

responsive_vector_maps

Vendor: Thinkupthemes • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-24947
1Thinkupthemes
1Responsive Vector Maps
Nov 21, 2024
Feb 7, 2022
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
The RVM WordPress plugin before 6.4.2 does not have proper authorisation, CSRF checks and validation of the rvm_upload_regions_file_path parameter in the rvm_import_regions AJAX action, allowing any authenticated user, s...Show more
The RVM WordPress plugin before 6.4.2 does not have proper authorisation, CSRF checks and validation of the rvm_upload_regions_file_path parameter in the rvm_import_regions AJAX action, allowing any authenticated user, such as subscriber, to read arbitrary files on the web serverShow less