CVE-2026-33559

WordPress Plugin "OpenStreetMap" provided by MiKa contains a cross-site scripting vulnerability. On the site with the affected version of the plugin enabled, a logged-in user with a page-creating/editing privilege can embed some malicious script with a crafted HTTP request. When a victim user...

CVE-2026-33559

The CVE-2026-33559 entry concerns the WordPress OpenStreetMap plugin (MiKa). A cross-site scripting vulnerability exists in an affected plugin version where a logged-in user with page-creating/editing privileges can embed malicious script via a crafted HTTP request. When another user accesses the...

WordPress OpenStreetMap for Gutenberg and WPBakery Page Builder plugin cross-site scripting vulnerability

WordPress OpenStreetMap for Gutenberg and WPBakery Page Builder plugin mainly provides the function of embedding interactive maps in the page, supporting customized locations, map styles, marker points and so on. The WordPress OpenStreetMap for Gutenberg and WPBakery Page Builder plugin suffers...

WordPress OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer) Plugin <= 1.1.2 is vulnerable to Backdoor

Software OpenStreetMap for Gutenberg and WPBakery Page Builder formerly Visual Composer Type Plugin Vulnerable versions = 1.1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 2c4a57caa5d5 Credits...