CVE-2025-47561 WordPress MapSVG plugin < 8.6.13 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in RomanCode MapSVG mapsvg allows Privilege Escalation.This issue affects MapSVG: from n/a through 8.6.13...

CVE-2025-47561 WordPress MapSVG plugin < 8.6.13 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in RomanCode MapSVG mapsvg allows Privilege Escalation.This issue affects MapSVG: from n/a through 8.6.13...

CVE-2025-47561

CVE-2025-47561 affects MapSVG WordPress plugin. Description: Incorrect Privilege Assignment enabling Privilege Escalation from low to administrator. Affected versions are before 8.6.13 (WordPress MapSVG data also shows vulnerability entries for MapSVG

PT-2025-24507 · Romancode · Mapsvg

Name of the Vulnerable Software and Affected Versions: MapSVG versions n/a through 8.5.34 Description: The issue is related to an Incorrect Privilege Assignment vulnerability, which allows Privilege Escalation in RomanCode MapSVG. Recommendations: For versions n/a through 8.5.34, update to a...

WordPress plugin MapSVG 安全漏洞

WordPress MapSVG is a WordPress plugin for creating interactive maps. WordPress MapSVG suffers from an elevation of privilege vulnerability. The vulnerability stems from improper privilege assignment. An attacker can exploit the vulnerability to elevate privileges to elevate a low-privileged...

CVE-2025-47558

Missing Authorization vulnerability in RomanCode MapSVG mapsvg allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MapSVG: from n/a through 8.6.13...

CVE-2024-9544

The MapSVG plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 8.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

CVE-2025-47558

Missing Authorization vulnerability in RomanCode MapSVG mapsvg allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MapSVG: from n/a through 8.6.13...

CVE-2025-47558

MapSVG (WordPress plugin) is affected by CVE-2025-47558: a Missing Authorization vulnerability in MapSVG versions up to and including 8.6.12 allows accessing functionality not constrained by ACLs. The issue is caused by broken access control and could enable unauthorized access to certain feature...

CVE-2025-47558 WordPress MapSVG plugin < 8.6.13 - Broken Access Control vulnerability

Missing Authorization vulnerability in PT Norther Lights Production MapSVG allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MapSVG: from n/a before 8.6.13...

CVE-2025-47558 WordPress MapSVG plugin < 8.6.13 - Broken Access Control vulnerability

Missing Authorization vulnerability in RomanCode MapSVG mapsvg allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MapSVG: from n/a through 8.6.13...

PT-2025-22756 · Mapsvg · Mapsvg

Name of the Vulnerable Software and Affected Versions: MapSVG versions n/a through 8.5.31 Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For versions n/a through 8.5.31, update to ...

WordPress plugin MapSVG 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress MapSVG plugin < 8.6.13 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Anhchangmutrang Patchstack Alliance in WordPress Plugin MapSVG versions 8.6.13...

CVE-2024-9544

The MapSVG plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 8.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

CVE-2024-9544

The CVE refers to a Stored Cross-Site Scripting vulnerability in the WordPress MapSVG plugin. Affected: MapSVG plugin for WordPress versions up to and including 8.6.4. Root cause: insufficient input sanitization and output escaping during SVG file uploads, allowing authenticated attackers with Co...

CVE-2024-9544 MapSVG - All Kinds of Maps and Store Locator for WordPress <= 8.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

The MapSVG plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 8.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

CVE-2024-9544 MapSVG - All Kinds of Maps and Store Locator for WordPress <= 8.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

The MapSVG plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 8.6.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

WordPress plugin MapSVG 代码问题漏洞

WordPress MapSVG is a powerful WordPress map plugin that not only supports the creation of interactive maps, but also offers a wide range of customization and integration features. A cross-site scripting vulnerability exists in WordPress MapSVG, which stems from insufficient input cleanup and...

VulnCheck KEV: CVE-2025-47558

Missing Authorization vulnerability in RomanCode MapSVG mapsvg allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MapSVG: from n/a through 8.6.13...