Vulnerabilities and security researches forab-google-map-travel ab-google-map-travel

Jun 06, 2024

CVE, Research URL: CVE-2015-2755
Home page URL: Security reports for AB Google Map Travel (AB-MAP)
Application: AB Google Map Travel (AB-MAP)
Date: Apr 01, 2015
Research Description: Multiple cross-site request forgery (CSRF) vulnerabilities in the AB Google Map Travel (AB-MAP) plugin before 4.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) lat (Latitude), (2) long (Longitude), (3) map_width, (4) map_height, or (5) zoom (Map Zoom) parameter in the ab_map_options page to wp-admin/admin.php.
Affected versions: Min -, max -.
Status: vulnerable

Apr 03, 2025

CVE, Research URL: CVE-2025-31613
Home page URL: Security reports for AB Google Map Travel (AB-MAP)
Application: AB Google Map Travel (AB-MAP)
Date: Mar 31, 2025
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Aboobacker. AB Google Map Travel allows Cross Site Request Forgery. This issue affects AB Google Map Travel : from n/a through 4.6.
Affected versions: Min -, max -.
Status: vulnerable