CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

9 matches found

RedhatCVE•added yesterday•3 views

CVE-2026-5451

The Extensions for Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'elevation-track' shortcode in all versions up to, and including, 4.14. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

6.4CVSS5.7AI score0.00046EPSS

Exploits0References1

Patchstack•added 2026/04/09 10:2 p.m.•2 views

WordPress Extensions for Leaflet Map plugin <= 4.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'elevation-track' Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'elevation-track' Shortcode vulnerability discovered by zaim in WordPress Plugin Extensions for Leaflet Map versions = 4.14...

6.4CVSS5.9AI score0.00046EPSS

Exploits0References1Affected Software1

EUVD•added 2026/04/08 9:33 p.m.•1 views

EUVD-2026-20645

The Extensions for Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'elevation-track' shortcode in all versions up to, and including, 4.14. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

6.4CVSS6.1AI score0.00046EPSS

Exploits0References7

NVD•added 2026/04/08 9:17 p.m.•1 views

CVE-2026-5451

The Extensions for Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'elevation-track' shortcode in all versions up to, and including, 4.14. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

6.4CVSS0.00046EPSS

Exploits0References6

CVE•added 2026/04/08 8:25 p.m.•3 views

CVE-2026-5451

CVE-2026-5451 affects the WordPress plugin Extensions for Leaflet Map . The vulnerability is a stored XSS via the elevation-track shortcode in all versions up to and including 4.14, caused by insufficient input sanitization and output escaping on user-supplied attributes. An attacker with Contrib...

6.4CVSS6.1AI score0.00046EPSS

Exploits0References6

Cvelist•added 2026/04/08 8:25 p.m.•16 views

CVE-2026-5451 Extensions for Leaflet Map <= 4.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'elevation-track' Shortcode

The Extensions for Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'elevation-track' shortcode in all versions up to, and including, 4.14. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

6.4CVSS0.00046EPSS

Exploits0References6

ATTACKERKB•added 2026/04/08 8:25 p.m.•0 views

CVE-2026-5451

The Extensions for Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'elevation-track' shortcode in all versions up to, and including, 4.14. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

6.4CVSS6.1AI score0.00046EPSS

Exploits0References7

Vulnrichment•added 2026/04/08 8:25 p.m.•1 views

CVE-2026-5451 Extensions for Leaflet Map <= 4.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'elevation-track' Shortcode

The Extensions for Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'elevation-track' shortcode in all versions up to, and including, 4.14. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

6.4CVSS6.1AI score0.00046EPSS

Exploits0References6

Positive Technologies•added 2026/04/08 12:0 a.m.•2 views

PT-2026-31453

The Extensions for Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'elevation-track' shortcode in all versions up to, and including, 4.14. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

6.4CVSS6.1AI score0.00046EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by