Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.15 views

CVE-2026-4061

The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'mapposttype' parameter in all versions up to, and including, 1.13.18. This is due to the SearchResults hook explicitly calling stripslashesdeep$POST which removes WordPress magic quotes protection, followed by...

7.5CVSS5.9AI score0.00311EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/02 11:16 a.m.22 views

EUVD-2026-26779

The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'mapposttype' parameter in all versions up to, and including, 1.13.18. This is due to the SearchResults hook explicitly calling stripslashesdeep$POST which removes WordPress magic quotes protection, followed by...

7.5CVSS5.9AI score0.00311EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/02 12:0 a.m.11 views

PT-2026-36607

The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'map post type' parameter in all versions up to, and including, 1.13.18. This is due to the SearchResults hook explicitly calling stripslashes deep$ POST which removes WordPress magic quotes protection, followed...

7.5CVSS5.9AI score0.00311EPSS
Exploits0References6
Cvelist
Cvelist
added 2015/02/02 3:0 p.m.39 views

CVE-2015-1383

Cross-site scripting XSS vulnerability in the geo search widget in the Geo Mashup plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the search key...

5.8AI score0.01959EPSS
Exploits1References3
CVE
CVE
added 2015/02/02 3:0 p.m.42 views

CVE-2015-1383

CVE-2015-1383 concerns the WordPress Geo Mashup plugin (versions prior to 1.8.3). The vulnerability is a Cross‑Site Scripting (XSS) flaw in the plugin’s geo search widget, where the input from the user’s search key is not properly sanitized, allowing an attacker to inject arbitrary scripts into t...

4.3CVSS6AI score0.01959EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2015/02/02 12:0 a.m.8 views

PT-2015-5256 · WordPress · Geo Mashup

Name of the Vulnerable Software and Affected Versions: Geo Mashup plugin versions prior to 1.8.3 Description: The issue is related to a cross-site scripting XSS vulnerability in the geo search widget of the Geo Mashup plugin for WordPress. This vulnerability allows remote attackers to inject...

4.3CVSS5.9AI score0.01959EPSS
Exploits1References6
Rows per page
Query Builder