PT-2026-47680

The WP-Ultimate-Map plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1. This is due to missing nonce validation on the process init function hooked to admin init, which saves plugin settings zoom-level, focus-lat, focus-lng, sel places, sel rout...

WordPress WP-Ultimate-Map plugin <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by Muhammad Nur Ibnu Hubab - Pondok Teknologi in WordPress Plugin WP-Ultimate-Map versions = 1.1...