24 matches found
EUVD-2025-31680
Malicious code in bioql PyPI...
EUVD-2025-17202
Malicious code in bioql PyPI...
CVE-2025-8608
The Mihdan: Elementor Yandex Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's block attributes in all versions up to, and including, 1.6.11 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-8608
The Mihdan: Elementor Yandex Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's block attributes in all versions up to, and including, 1.6.11 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-8608 Mihdan: Elementor Yandex Maps <= 1.6.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via Marker Pins
The Mihdan: Elementor Yandex Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's block attributes in all versions up to, and including, 1.6.11 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-8608 Mihdan: Elementor Yandex Maps <= 1.6.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via Marker Pins
The Mihdan: Elementor Yandex Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's block attributes in all versions up to, and including, 1.6.11 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-8608
CVE-2025-8608 affects Mihdan: Elementor Yandex Maps plugin for WordPress (versions up to 1.6.11). The vulnerability is a Stored XSS via the plugin’s block attributes, caused by insufficient input sanitization and output escaping. An authenticated attacker with contributor-level access or higher c...
WordPress Mihdan: Elementor Yandex Maps plugin <= 1.6.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via Marker Pins vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Marker Pins vulnerability discovered by zer0gh0st in WordPress Plugin Mihdan: Elementor Yandex Maps versions = 1.6.11...
PT-2025-39942
Name of the Vulnerable Software and Affected Versions Mihdan: Elementor Yandex Maps plugin for WordPress versions through 1.6.11 Description The Mihdan: Elementor Yandex Maps plugin for WordPress is susceptible to Stored Cross-Site Scripting through the plugin’s block attributes. This is due to...
WordPress plugin Mihdan Elementor Yandex Maps 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. timesheet is a job tracking plugin used in it. relevant is a...
CVE-2025-30930
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Unreal Themes ACF: Yandex Maps Field acf-yandex-maps-field allows Stored XSS.This issue affects ACF: Yandex Maps Field: from n/a through = 1.1...
CVE-2025-30930
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Unreal Themes ACF: Yandex Maps Field acf-yandex-maps-field allows Stored XSS.This issue affects ACF: Yandex Maps Field: from n/a through = 1.1...
CVE-2025-30930
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Unreal Themes ACF: Yandex Maps Field acf-yandex-maps-field allows Stored XSS.This issue affects ACF: Yandex Maps Field: from n/a through = 1.1...
CVE-2025-30930
CVE-2025-30930 is a stored XSS in Unreal Themes ACF: Yandex Maps Field. Affected: ACF: Yandex Maps Field versions from n/a up to 1.1. CVSS 3.1 base score 5.9 (Network, Low confidentiality/integrity/availability impact; user interaction required). Exploitation details and a remediated version are ...
CVE-2025-30930 WordPress ACF: Yandex Maps Field plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Unreal Themes ACF: Yandex Maps Field acf-yandex-maps-field allows Stored XSS.This issue affects ACF: Yandex Maps Field: from n/a through = 1.1...
CVE-2025-30930 WordPress ACF: Yandex Maps Field plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Unreal Themes ACF: Yandex Maps Field acf-yandex-maps-field allows Stored XSS.This issue affects ACF: Yandex Maps Field: from n/a through = 1.1...
WordPress plugin ACF: Yandex Maps Field 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin ACF: A cross-site scripting...
PT-2025-24158 · Unknown · Acf: Yandex Maps Field
Name of the Vulnerable Software and Affected Versions: ACF: Yandex Maps Field versions 1.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS in ACF: Yandex Maps Field...
WordPress ACF: Yandex Maps Field plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin ACF: Yandex Maps Field versions = 1.1...
CVE-2023-22721
Auth. Stored Cross-Site Scripting XSS in Oi Yandex.Maps for WordPress = 3.2.7 versions...