CVE-2025-9206

The Meks Easy Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post title field in all version up to, and including, 2.1.4. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

WordPress Meks Easy Maps plugin <= 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zer0gh0st in WordPress Plugin Meks Easy Maps versions = 2.1.4...

EUVD-2025-32267

Malicious code in bioql PyPI...

CVE-2025-9206

The Meks Easy Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post title field in all version up to, and including, 2.1.4. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2025-9206 Meks Easy Maps <= 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Meks Easy Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post title field in all version up to, and including, 2.1.4. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2025-9206 Meks Easy Maps <= 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Meks Easy Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post title field in all version up to, and including, 2.1.4. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

WordPress plugin Meks Easy Maps 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-40489

Name of the Vulnerable Software and Affected Versions Meks Easy Maps plugin for WordPress versions through 2.1.4 Description The software is susceptible to Stored Cross-Site Scripting through the post title field. This is caused by inadequate input sanitization and output escaping of user-provide...

CVE-2023-25989

Cross-Site Request Forgery CSRF vulnerability in Meks Video Importer, Meks Time Ago, Meks ThemeForest Smart Widget, Meks Smart Author Widget, Meks Audio Player, Meks Easy Maps, Meks Easy Photo Feed Widget, Meks Simple Flickr Widget, Meks Easy Ads Widget, Meks Smart Social Widget plugins leading...

CVE-2023-25989

Summary: CVE-2023-25989 is a CSRF vulnerability reported across multiple Meks WordPress plugins (Audio Player, Time Ago, ThemeForest Smart Widget, Smart Author Widget, Easy Maps, Easy Photo Feed Widget, Simple Flickr Widget, Easy Ads Widget, Smart Social Widget, and related plugins). The flaw ena...

WordPress Meks Easy Maps Plugin <= 2.1.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Meks Easy Maps Type Plugin Vulnerable versions = 2.1.3 Fixed in 2.1.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-25989 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID e349a998361e Credits Muhammad Daffa...