3 matches found
WordPress Meks Easy Maps plugin <= 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zer0gh0st in WordPress Plugin Meks Easy Maps versions = 2.1.4...
CVE-2025-9206
The Meks Easy Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post title field in all version up to, and including, 2.1.4. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2025-9206
CVE-2025-9206 (Meks Easy Maps for WordPress) : A stored Cross-Site Scripting (XSS) vulnerability affects Meks Easy Maps plugin up to version 2.1.4. The issue arises from insufficient input sanitization and output escaping in the post title field, allowing authenticated users with contributor-leve...