CVE-2026-0563

The WP Google Street View with 360° virtual tour & Google maps + Local SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpgsvmap' shortcode in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible...

CVE-2026-0563

The WP Google Street View with 360° virtual tour & Google maps + Local SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpgsvmap' shortcode in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible...

CVE-2026-0563 WP Google Street View (with 360° virtual tour) & Google maps + Local SEO <= 1.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'wpgsv_map' Shortcode

The WP Google Street View with 360° virtual tour & Google maps + Local SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpgsvmap' shortcode in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible...

WordPress plugin WP Google Street View (with 360° virtual tour) & Google maps + Local SEO 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to set up a personal blog site on a PHP and MySQL based...

WordPress WP Google Street View (with 360° virtual tour) & Google maps + Local SEO plugin <= 1.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'wpgsv_map' Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'wpgsvmap' Shortcode vulnerability discovered by Paolo Tresso - Wordfence in WordPress Plugin WP Google Street View versions = 1.1.8...

CVE-2025-11808 Shortcode for Google Street View <= 0.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Shortcode for Google Street View plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'streetview' shortcode in all versions up to, and including, 0.5.7. This is due to insufficient input sanitization and output escaping on the 'id' attribute. This makes it possible for...

WordPress plugin Shortcode for Google Street View 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-47705

The Shortcode for Google Street View plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'streetview' shortcode in all versions up to, and including, 0.5.7. This is due to insufficient input sanitization and output escaping on the 'id' attribute. This makes it possible for...

WordPress Shortcode for Google Street View plugin <= 0.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin Shortcode for Google Street View versions = 0.5.7...

EUVD-2024-51662

Malicious code in bioql PyPI...

EUVD-2025-8372

Malicious code in bioql PyPI...

CVE-2025-30799

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pagup WP Google Street View wp-google-street-view allows Stored XSS.This issue affects WP Google Street View: from n/a through = 1.1.5...

CVE-2025-30799

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pagup WP Google Street View wp-google-street-view allows Stored XSS.This issue affects WP Google Street View: from n/a through = 1.1.5...

CVE-2025-30799 WordPress WP Google Street View plugin <= 1.1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pagup WP Google Street View wp-google-street-view allows Stored XSS.This issue affects WP Google Street View: from n/a through = 1.1.5...

CVE-2025-30799

CVE-2025-30799 affects WP Google Street View (WordPress plugin) up to version 1.1.5 and is a Stored Cross-Site Scripting (XSS) vulnerability reported in the CVE details. The issue arises from improper neutralization of input during web page generation, enabling stored XSS. Wordfence coverage conf...

CVE-2025-30799 WordPress WP Google Street View plugin <= 1.1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pagup WP Google Street View wp-google-street-view allows Stored XSS.This issue affects WP Google Street View: from n/a through = 1.1.5...

WordPress WP Google Street View plugin <= 1.1.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin WP Google Street View versions = 1.1.5...

WordPress plugin WP Google Street View 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress WP Google Street View (with 360° virtual tour) & Google maps + Local SEO plugin <= 1.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin WP Google Street View versions = 1.1.3...

CVE-2024-13542

The WP Google Street View with 360° virtual tour & Google maps + Local SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpgsv' shortcode in all versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping on user supplied...