2 matches found
WordPress OpenStreetMap for Gutenberg and WPBakery Page Builder plugin <= 1.2.0 - Contributor+ Stored XSS vulnerability
Contributor+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin OpenStreetMap for Gutenberg and WPBakery Page Builder formerly Visual Composer versions = 1.2.0...
CVE-2025-6572
The OpenStreetMap for Gutenberg and WPBakery Page Builder formerly Visual Composer WordPress plugin through 1.2.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above...