EUVD-2025-23734

Malicious code in bioql PyPI...

WordPress esri-map-view cross-site scripting vulnerability

WordPress esri-map-view is used to embed Esri/ArcGIS maps or scenes in websites. The plugin realizes map display through short code, supports selecting base map, setting initial view angle, adding custom layers, pop-up information window and other functions, and can embed preconfigured web maps o...

CVE-2025-6259

The esri-map-view plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's esri-map-view shortcode in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2025-6259

The esri-map-view plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's esri-map-view shortcode in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2025-6259 esri-map-view <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via esri-map-view Shortcode

The esri-map-view plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's esri-map-view shortcode in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2025-6259

The CVE-2025-6259 entry refers to a stored XSS vulnerability in the WordPress esri-map-view plugin (

CVE-2025-6259 esri-map-view <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via esri-map-view Shortcode

The esri-map-view plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's esri-map-view shortcode in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

PT-2025-32032 · WordPress · Esri-Map-View

Name of the Vulnerable Software and Affected Versions: esri-map-view plugin for WordPress versions through 1.2.3 Description: The esri-map-view plugin for WordPress is susceptible to Stored Cross-Site Scripting through the plugin’s esri-map-view shortcode. Insufficient input sanitization and outp...

WordPress plugin esri-map-view 跨站脚本漏洞

WordPress esri-map-view is used to embed Esri/ArcGIS maps or scenes in websites. The plugin realizes map display through short code, supports selecting base map, setting initial view angle, adding custom layers, pop-up information window and other functions, and can embed preconfigured web maps o...

WordPress esri-map-view plugin <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via esri-map-view Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via esri-map-view Shortcode vulnerability discovered by Gilang in WordPress Plugin esri-map-view versions = 1.2.3...