Lucene search
K

362 matches found

Cvelist
Cvelist
added 2025/09/11 7:25 a.m.9 views

CVE-2025-9123 CBX Map for Google Map & OpenStreetMap <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The CBX Map for Google Map & OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the popup heading and location address parameters in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00216EPSS
Exploits0References3
CVE
CVE
added 2025/09/11 7:25 a.m.24 views

CVE-2025-9123

CVE-2025-9123 affects the CBX Map for Google Map & OpenStreetMap WordPress plugin. The stored XSS vulnerability exists in the popup heading and location address parameters in all versions up to and including 1.1.12, caused by insufficient input sanitization and output escaping. Authenticated user...

6.4CVSS6.1AI score0.00216EPSS
Exploits0References3
NVD
NVD
added 2025/08/14 11:15 a.m.4 views

CVE-2025-52732

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RealMag777 GMap Targeting gmap-targeting allows PHP Local File Inclusion.This issue affects GMap Targeting: from n/a through = 1.1.6...

8.8CVSS0.00362EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/14 10:34 a.m.2 views

CVE-2025-52732 WordPress Google Map Targeting Plugin <= 1.1.6 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RealMag777 Google Map Targeting allows PHP Local File Inclusion. This issue affects Google Map Targeting: from n/a through 1.1.6...

8.8CVSS7.3AI score0.00362EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 10:34 a.m.13 views

CVE-2025-52732

The CVE-2025-52732 entry concerns the WordPress Google Map Targeting plugin (versions up to 1.1.6) with an authenticated Local File Inclusion (LFI) vulnerability via improper control of include/require filenames. Public references corroborate LFI risk in Google Map Targeting 1.1.6. Monitor for f...

8.8CVSS5.9AI score0.00362EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/14 10:34 a.m.11 views

CVE-2025-52732 WordPress Google Map Targeting Plugin <= 1.1.6 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RealMag777 GMap Targeting gmap-targeting allows PHP Local File Inclusion.This issue affects GMap Targeting: from n/a through = 1.1.6...

8.8CVSS0.00362EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.4 views

PT-2025-33212 · Unknown · Realmag777 Google Map Targeting

Name of the Vulnerable Software and Affected Versions: RealMag777 Google Map Targeting versions through 1.1.6 Description: This issue involves an improper control of filename for include/require statements in PHP programs, specifically a PHP Local File Inclusion in RealMag777 Google Map Targeting...

8.8CVSS6.5AI score0.00362EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.5 views

WordPress plugin Google Map Targeting 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

8.8CVSS6.4AI score0.00362EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/07/31 12:29 p.m.8 views

WordPress Google Map Targeting Plugin <= 1.1.6 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by LVT-tholv2k in WordPress Plugin GMap Targeting versions = 1.1.6...

8.8CVSS6.7AI score0.00362EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 7:10 a.m.7 views

CVE-2024-13220

The WordPress Google Map Professional Map In Your Language WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.1AI score0.00565EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:37 a.m.9 views

CVE-2023-35772

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Alain Gonzalez Google Map Shortcode plugin = 3.1.2 versions...

7.1CVSS5.9AI score0.00382EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:38 a.m.7 views

CVE-2023-2899

The Google Map Shortcode WordPress plugin through 3.1.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

5.4CVSS5.9AI score0.00444EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:24 p.m.9 views

CVE-2021-24502

The WP Google Map WordPress plugin before 1.7.7 did not sanitise or escape the Map Title before outputting them in the page, leading to a Stored Cross-Site Scripting issue by high privilege users, even when the unfilteredhtml capability is disallowed...

4.8CVSS5.8AI score0.00668EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:23 p.m.25 views

CVE-2021-24130

Unvalidated input in the WP Google Map Plugin WordPress plugin, versions before 4.1.5, in the Manage Locations page within the plugin settings was vulnerable to SQL Injection through a high privileged user admin+...

7.2CVSS7.7AI score0.01416EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:36 a.m.9 views

CVE-2015-9308

The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit map feature...

8.8CVSS7.1AI score0.00699EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:25 a.m.10 views

CVE-2015-9307

The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit location feature...

8.8CVSS7.1AI score0.00699EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:50 a.m.9 views

CVE-2015-9309

The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit category feature...

8.8CVSS7.1AI score0.00699EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/07 3:29 p.m.5 views

WordPress CBX Map for Google Map & OpenStreetMap plugin <= 1.1.12 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin CBX Map for Google Map & OpenStreetMap versions = 1.1.12...

6.5CVSS7.1AI score0.00169EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/05/07 3:16 p.m.11 views

CVE-2025-47669

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sabuj Kundu CBX Map for Google Map & OpenStreetMap cbxgooglemap allows DOM-Based XSS.This issue affects CBX Map for Google Map & OpenStreetMap: from n/a through = 1.1.12...

6.5CVSS0.00169EPSS
Exploits0References1
CVE
CVE
added 2025/05/07 2:20 p.m.55 views

CVE-2025-47669

CVE-2025-47669 affects the WordPress plugin CBX Map for Google Map & OpenStreetMap (versions 1.1.12 and earlier). The issue is a DOM-based XSS caused by improper input neutralization during web page generation. Affected product: CBX Map for Google Map & OpenStreetMap. Impact per provided data: Cr...

6.5CVSS7.2AI score0.00169EPSS
Exploits0References1
Rows per page
Query Builder