packetstorm | Paolo Perego | PACKETSTORM:130150
History: Jan 29, 2015 - 12:00 a.m.

WordPress Geo Mashup 1.8.2 Cross Site Scripting

2015-01-29 00:00:00
Paolo Perego
packetstormsecurity.com

EPSS: 0.002

Percentile: 56.9%

`Vulnerability title: Wordpress Geo Mashup plugin XSS  
Author: Paolo Perego  
CVE: CVE-2015-1383  
Affected versions: <= 1.8.2  
Fixed version: 1.8.3 (January 11, 2015)  
Product link: https://wordpress.org/plugins/geo-mashup/  
  
Description  
Geo Mashup is a WordPress plugin designed to let you save location  
information with posts, pages, and other WordPress objects. This  
information can then be presented on interactive maps in many ways.  
Plugin versions before 1.8.3 suffer from a cross site scripting  
vulnerability when displaying search results. The search key was not  
properly sanitized so an attacker can eventually inject arbitrary  
JavaScript code.  
  
Fix  
Users can upgrade the Geo Mashup plugin to the latest version through  
the plugin update functionality provided by the WordPress backend.  
  
Paolo  
--   
$ cd /pub  
$ more beer  
  
  
`
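
To check an installation against the affected range stated above (<= 1.8.2, fixed in 1.8.3), the following added example reads the plugin header from a plugin directory and compares versions; it is not part of the advisory or the plugin's code. It assumes the standard `wp-content/plugins/geo-mashup` layout, and the `main.php` file and its header in `demo()` are constructed sample data.

```python
import re
import tempfile
from pathlib import Path

FIXED = (1, 8, 3)  # first fixed release according to the advisory

# WordPress plugin headers are "Key: value" lines inside a leading comment.
HEADER = re.compile(r"^[ \t/*#@]*(Plugin Name|Version):[ \t]*(.+?)\s*$", re.M | re.I)


def read_plugin_header(plugin_dir):
    """Return (name, version) from the first top-level .php file that carries
    a plugin header, or None when no header is found."""
    for php in sorted(Path(plugin_dir).glob("*.php")):
        # WordPress only inspects the first 8 KiB of a file for headers.
        head = php.read_bytes()[:8192].decode("utf-8", "replace")
        fields = {key.lower(): value for key, value in HEADER.findall(head)}
        if "plugin name" in fields and "version" in fields:
            return fields["plugin name"], fields["version"]
    return None


def parse_version(text):
    """'1.8.2' -> (1, 8, 2). Missing parts count as 0; any '-suffix' is ignored."""
    nums = [int(n) for n in re.findall(r"\d+", text.split("-")[0])][:3]
    return tuple(nums + [0] * (3 - len(nums)))


def is_affected(version_text):
    """True when the version is older than the fixed release 1.8.3."""
    return parse_version(version_text) < FIXED


def demo():
    # Constructed plugin tree standing in for wp-content/plugins/geo-mashup.
    with tempfile.TemporaryDirectory() as tmp:
        plugin_dir = Path(tmp, "geo-mashup")
        plugin_dir.mkdir()
        (plugin_dir / "main.php").write_text(
            "<?php\n/*\nPlugin Name: Geo Mashup\nVersion: 1.8.2\n*/\n"
        )
        name, version = read_plugin_header(plugin_dir)
        return name, version, is_affected(version)


if __name__ == "__main__":
    print(demo())
```

Comparing numeric tuples rather than strings matters here: a string comparison would rank 1.10.0 below 1.8.3 and report a patched install as affected.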
