cleantalk
Vulnerabilities and Security Researches

AB Google Map Travel (AB-MAP), CVE-2015-2755

CVE, Research URL

CVE-2015-2755

Home page URL

Security reports for AB Google Map Travel (AB-MAP)

Application

AB Google Map Travel (AB-MAP)

Published on
Apr 01, 2015
Research Description
Multiple cross-site request forgery (CSRF) vulnerabilities in the AB Google Map Travel (AB-MAP) plugin before 4.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) lat (Latitude), (2) long (Longitude), (3) map_width, (4) map_height, or (5) zoom (Map Zoom) parameter in the ab_map_options page to wp-admin/admin.php.
Affected versions
Min -, max 4.0.
Status
vulnerable
Previous vulnerability researches
AB Google Map Travel (AB-MAP) (CVE-2025-31613) , Apr 03, 2025
AB Google Map Travel (AB-MAP) (CVE-2015-2755) , Jun 06, 2024
New vulnerability
CM Header & Footer Script Loader – Insert Script Plugin (CVE-2025-31091) , Apr 05, 2025
Minimalistic Event Manager (CVE-2025-31739) , Apr 05, 2025
Category Icon (CVE-2025-31825) , Apr 05, 2025
Rich Text Editor (CVE-2025-31736) , Apr 05, 2025
Botnet Attack Blocker (CVE-2025-31893) , Apr 05, 2025