Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/03 6:11 a.m.20 views

CVE-2025-3502

The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.7AI score0.00274EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/05/01 9:32 p.m.8 views

WordPress WP Maps plugin < 4.7.2 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin WP Maps versions 4.7.2...

4.8CVSS7.4AI score0.00274EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/01 6:0 a.m.7 views

CVE-2025-3502 WP Maps < 4.7.2 - Admin+ Stored XSS

The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.8AI score0.00274EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/01 6:0 a.m.31 views

CVE-2025-3502 WP Maps < 4.7.2 - Admin+ Stored XSS

The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

0.00274EPSS
Exploits1References1
Rows per page
Query Builder