CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

CVE-2026-9594

The WP Maps – Google Maps,OpenStreetMap,Mapbox,Store Locator,Listing,Directory & Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'locationmessages' parameter in all versions up to, and including, 4.9.4 due to insufficient input sanitization and output escaping...

4.4CVSS5.7AI score0.00025EPSS

Exploits0References1

CVE•added 6 days ago•16 views

CVE-2026-9594

The WP Maps plugin for WordPress (affected versions up to 4.9.4) is vulnerable to a Stored Cross-Site Scripting (XSS) via the location_messages parameter due to insufficient input sanitization and output escaping. The vulnerability requires authenticated access at administrator level or higher, w...

4.4CVSS5.7AI score0.00025EPSS

Exploits0References6

EUVD•added 6 days ago•9 views

EUVD-2026-34959

4.4CVSS5.7AI score0.00025EPSS

Exploits0References6

ATTACKERKB•added 6 days ago•5 views

CVE-2026-9594

4.4CVSS5.7AI score0.00025EPSS

Exploits0References7

Cvelist•added 6 days ago•37 views

CVE-2026-9594 WP Maps <= 4.9.4 - Authenticated (Admin+) Stored Cross-Site Scripting via 'location_messages' Parameter

4.4CVSS0.00025EPSS

Exploits0References6

Positive Technologies•added 6 days ago•9 views

PT-2026-47143

Name of the Vulnerable Software and Affected Versions WP Maps – Google Maps,OpenStreetMap,Mapbox,Store Locator,Listing,Directory & Filters versions prior to 4.9.5 Description The plugin is subject to Stored Cross-Site Scripting XSS, a flaw where malicious scripts are permanently stored on the...

4.4CVSS5.7AI score0.00025EPSS

Exploits0References10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by