14 matches found
EUVD-2025-26176
Malicious code in bioql PyPI...
EUVD-2024-44265
Malicious code in bioql PyPI...
CVE-2025-8619
The OSM Map Widget for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Map Block URL in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-8619 OSM Map Widget for Elementor <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button URL
The OSM Map Widget for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Map Block URL in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-8619
The CVE-2025-8619 issue concerns the WordPress OSM Map Widget for Elementor plugin. A stored cross-site scripting flaw exists in the Map Block URL handling for all versions up to 1.3.0, caused by insufficient input sanitization and output escaping of user-supplied attributes. Authenticated attack...
PT-2025-35189
Name of the Vulnerable Software and Affected Versions: OSM Map Widget for Elementor plugin for WordPress versions prior to 1.3.1 Description: The OSM Map Widget for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting through the Map Block URL due to inadequate input...
WordPress OSM Map Widget for Elementor plugin <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button URL vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Button URL vulnerability discovered by zer0gh0st in WordPress Plugin OSM Map Widget for Elementor versions = 1.3.0...
CVE-2024-4663
The OSM Map Widget for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2024-4663
The CVE-2024-4663 entry covers the OSM Map Widget for Elementor WordPress plugin. It affects all versions up to 1.2.2, with a Reflected Cross-Site Scripting vulnerability in the id parameter caused by insufficient input sanitization and output escaping. The issue can allow unauthenticated attacke...
CVE-2024-4663 OSM Map Widget for Elementor <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter
The OSM Map Widget for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2024-4663 OSM Map Widget for Elementor <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter
The OSM Map Widget for Elementor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
WordPress plugin OSM Map Widget for Elementor security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerabilit...
WordPress OSM Map Widget for Elementor plugin < 1.3.0 - Authenticated Stored Cross-Site Scripting via id Parameter vulnerability
Authenticated Stored Cross-Site Scripting via id Parameter vulnerability discovered by stealthcopter in WordPress Plugin OSM Map Widget for Elementor versions 1.3.0...
WordPress OSM Map Widget for Elementor Plugin <= 1.2.2 is vulnerable to Cross Site Scripting (XSS)
Software OSM Map Widget for Elementor Type Plugin Vulnerable versions = 1.2.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4663 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4fcc595d31d1 Credits stealthcopter...