17 matches found
CVE-2025-12754
The Geopost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'height' parameter of the 'geopost' shortcode in all versions up to, and including, 1.2. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
EUVD-2025-60960
The Geopost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'height' parameter of the 'geopost' shortcode in all versions up to, and including, 1.2. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-12754
The Geopost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'height' parameter of the 'geopost' shortcode in all versions up to, and including, 1.2. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-12754 Geopost <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Geopost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'height' parameter of the 'geopost' shortcode in all versions up to, and including, 1.2. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-12754
CVE-2025-12754 (Geopost WordPress plugin) : Concrete details are provided across multiple connected sources. The Geopost plugin (WordPress) is affected in all versions up to 1.2 and is vulnerable to Stored Cross-Site Scripting via the height parameter of the geopost shortcode. The root cause is i...
CVE-2025-12754 Geopost <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Geopost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'height' parameter of the 'geopost' shortcode in all versions up to, and including, 1.2. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress Geopost plugin <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Geopost versions = 1.2...
WordPress plugin Geopost 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
PT-2025-46296
Name of the Vulnerable Software and Affected Versions Geopost plugin for WordPress versions prior to 1.3 Description The Geopost plugin for WordPress is susceptible to Stored Cross-Site Scripting through the height parameter of the 'geopost' shortcode. This is caused by inadequate input...
Malicious Package
Overview geopost-web-component is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2025-36885
Malicious code in geopost-angular-components npm...
Malicious Package
Overview geopost-angular-components is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
MAL-2025-49087 Malicious code in geopost-angular-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b519cc34afbb8ac8a6adcebfa4765a2553ad14947386e79821c5ad76ad67684a The package geopost-angular-components was found to contain malicious code. Source: ghsa-malware...
Malicious code in geopost-angular-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b519cc34afbb8ac8a6adcebfa4765a2553ad14947386e79821c5ad76ad67684a The package geopost-angular-components was found to contain malicious code. Source: ghsa-malware...
Malicious code in geopost-web-component (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da57d3bad54c135655781ae00e108e90ad9a31f6eaa11327df5d4654a411f0d7 The package geopost-web-component was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-36572
Malicious code in geopost-web-component npm...
MAL-2025-48947 Malicious code in geopost-web-component (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da57d3bad54c135655781ae00e108e90ad9a31f6eaa11327df5d4654a411f0d7 The package geopost-web-component was found to contain malicious code. Source: ghsa-malware...