Lucene search
+L

4 matches found

Circl
Circl
added 2025/05/01 6:13 a.m.28 views

CVE-2025-3503

creationtimestamp| type| source ---|---|--- 2025-05-01 06:13:50+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14239 2025-05-01 09:55:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lo426aydww2p 2025-05-01 10:39:11+00:00| seen|...

4.8CVSS8.7AI score0.00236EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/05/01 6:0 a.m.9 views

CVE-2025-3503 WP Maps < 4.7.2 - Admin+ Stored XSS

The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.8AI score0.00236EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/01 6:0 a.m.46 views

CVE-2025-3503 WP Maps < 4.7.2 - Admin+ Stored XSS

The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

0.00236EPSS
Exploits1References1
CVE
CVE
added 2025/05/01 6:0 a.m.66 views

CVE-2025-3503

CVE-2025-3503 affects the WP Maps WordPress plugin prior to version 4.7.2. The vulnerability arises because some Map settings are not properly sanitized/escaped, enabling Stored XSS by high-privilege users (e.g., admins), even when unfiltered_html is disallowed (such as in multisite). Public expl...

4.8CVSS5.4AI score0.00236EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder