3 matches found
CVE-2025-5122
creationtimestamp| type| source ---|---|--- 2025-05-29 08:53:54+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqcdplqshuv2 2025-05-29 12:06:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqcol27mlz2s...
CVE-2025-5122
CVE-2025-5122 maps to Map Block Leaflet for WordPress. Affected: versions up to 3.2.1 with stored cross-site scripting via the url parameter due to insufficient input sanitization and output escaping. Exploitation requires an authenticated user with Contributor-level access or higher; injected sc...
WordPress Map Block Leaflet plugin <= 3.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via url Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Map Block Leaflet versions = 3.2.1...