CVE-2025-23893

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Manny Costales GMap Shortcode gmap-shortcode allows DOM-Based XSS.This issue affects GMap Shortcode: from n/a through = 2.0...

EUVD-2025-3511

Malicious code in bioql PyPI...

VulnCheck KEV: CVE-2025-4131

The GmapsMania plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's gmap shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...

CVE-2025-23893

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Manny Costales GMap Shortcode gmap-shortcode allows DOM-Based XSS.This issue affects GMap Shortcode: from n/a through = 2.0...

CVE-2025-23893 WordPress GMap Shortcode plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Manny Costales GMap Shortcode gmap-shortcode allows DOM-Based XSS.This issue affects GMap Shortcode: from n/a through = 2.0...

CVE-2025-23893

CVE-2025-23893 : DOM-based XSS in GMap Shortcode (Manuel Costales) allowed by improper input neutralization during web page generation. Affected: GMap Shortcode versions up to 2.0 (n/a through 2.0). Public records from Red Hat repeat the vulnerability description; Wordfence lists the vulnerabilit...

WordPress plugin GMap Shortcode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...