CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/05/14 5:30 a.m.•2 views

EUVD-2025-209837

ATTACKERKB•added 2026/05/14 5:30 a.m.•1 views

CVE-2025-15345

Vulnrichment•added 2026/05/14 5:30 a.m.•4 views

CVE-2025-15345 MapGeo - Interactive Geo Maps <= 1.6.27 - Reflected Cross-Site Scripting via 'map' Parameter

CVE•added 2026/05/14 5:30 a.m.•5 views

CVE-2025-15345

The CVE-2025-15345 entry concerns the WordPress plugin MapGeo – Interactive Geo Maps . It is vulnerable to a Reflected XSS in the display-map shortcode via the 'map' parameter in all versions up to and including 1.6.27 due to insufficient input sanitization and output escaping. Exploitation requi...

Cvelist•added 2026/05/14 5:30 a.m.•28 views

CVE-2025-15345 MapGeo - Interactive Geo Maps <= 1.6.27 - Reflected Cross-Site Scripting via 'map' Parameter

6.1CVSS0.00066EPSS

NVD•added 2026/04/09 4:17 a.m.•1 views

CVE-2026-4429

The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'markername' and 'filecolorlist' shortcode attribute of the osmmapv3 shortcode in all versions up to and including 6.1.15. This is due to insufficient input sanitization and output escaping. This mak...

6.4CVSS0.00073EPSS

Exploits0References10

CVE•added 2026/04/09 2:25 a.m.•4 views

CVE-2026-4429

CVE-2026-4429 concerns the WordPress plugin OSM – OpenStreetMap (vulnerable up to 6.1.15). The flaw is a Stored Cross‑Site Scripting via the [osm_map_v3] shortcode attributes, specifically marker_name and file_color_list , due to insufficient input sanitization and output escaping. With authentic...

6.4CVSS6.1AI score0.00073EPSS

Exploits0References10

Cvelist•added 2026/02/14 6:42 a.m.•26 views

CVE-2026-1096 Best-wp-google-map <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'latitude' Shortcode Attribute

The Best-wp-google-map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'latitude' and 'longitudinal' parameters of the 'googlemapview' shortcode in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping. This makes it possible f...

6.4CVSS0.00045EPSS

CVE•added 2026/02/14 6:42 a.m.•10 views

CVE-2026-1096

CVE-2026-1096 affects the Best-wp-google-map WordPress plugin (versions

6.4CVSS5.7AI score0.00045EPSS

CNNVD•added 2026/02/14 12:0 a.m.•3 views

WordPress plugin Best-wp-google-map 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.4CVSS5.7AI score0.00045EPSS

Positive Technologies•added 2026/01/09 12:0 a.m.•2 views

PT-2026-1961

Name of the Vulnerable Software and Affected Versions WP Google Street View with 360° virtual tour & Google maps + Local SEO plugin for WordPress versions through 1.1.8 Description The software is susceptible to Stored Cross-Site Scripting due to inadequate input sanitization and output escaping...

6.4CVSS5.5AI score0.00016EPSS

RedhatCVE•added 2025/11/12 3:47 a.m.•4 views

CVE-2025-12662

The Coon Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'height' parameter in the 'map' shortcode in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...

6.4CVSS5AI score0.00031EPSS

Exploits0References1

EUVD•added 2025/11/11 6:30 a.m.•2 views

EUVD-2025-60925

6.4CVSS4.7AI score0.00031EPSS

Cvelist•added 2025/11/11 3:30 a.m.•4 views

CVE-2025-12662 Coon Google Maps <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

6.4CVSS0.00031EPSS

CVE•added 2025/11/11 3:30 a.m.•10 views

CVE-2025-12662

The CVE-2025-12662 entry concerns the WordPress Coon Google Maps plugin. A stored XSS flaw exists in all versions up to 1.0 via the height parameter in the map shortcode, caused by insufficient input sanitization and output escaping. An authenticated attacker with contributor-level access or high...

6.4CVSS4.8AI score0.00031EPSS

CNNVD•added 2025/11/11 12:0 a.m.•1 views

WordPress plugin Coon Google Maps 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Coon Maps plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data,...

6.4CVSS5.8AI score0.00031EPSS

Positive Technologies•added 2025/11/11 12:0 a.m.•4 views

PT-2025-46287

Name of the Vulnerable Software and Affected Versions Coon Google Maps plugin for WordPress versions prior to 1.1 Description The Coon Google Maps plugin for WordPress is susceptible to Stored Cross-Site Scripting through the height parameter within the 'map' shortcode. This occurs because of...

6.4CVSS5.3AI score0.00031EPSS

Exploits0References5

RedhatCVE•added 2025/10/23 9:13 a.m.•10 views

CVE-2025-11813

The Responsive iframe GoogleMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'responsivemap' shortcode in all versions up to, and including, 1.0.2. This is due to insufficient input sanitization and output escaping on the 'width' and 'height' attributes. This makes it...

6.4CVSS5AI score0.00032EPSS

Exploits0References1

Cvelist•added 2025/10/22 8:27 a.m.•7 views

CVE-2025-11813 Responsive iframe GoogleMap <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

6.4CVSS0.00032EPSS