362 matches found
CVE-2025-9123 CBX Map for Google Map & OpenStreetMap <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The CBX Map for Google Map & OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the popup heading and location address parameters in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-9123
CVE-2025-9123 affects the CBX Map for Google Map & OpenStreetMap WordPress plugin. The stored XSS vulnerability exists in the popup heading and location address parameters in all versions up to and including 1.1.12, caused by insufficient input sanitization and output escaping. Authenticated user...
CVE-2025-52732
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RealMag777 GMap Targeting gmap-targeting allows PHP Local File Inclusion.This issue affects GMap Targeting: from n/a through = 1.1.6...
CVE-2025-52732 WordPress Google Map Targeting Plugin <= 1.1.6 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RealMag777 Google Map Targeting allows PHP Local File Inclusion. This issue affects Google Map Targeting: from n/a through 1.1.6...
CVE-2025-52732
The CVE-2025-52732 entry concerns the WordPress Google Map Targeting plugin (versions up to 1.1.6) with an authenticated Local File Inclusion (LFI) vulnerability via improper control of include/require filenames. Public references corroborate LFI risk in Google Map Targeting 1.1.6. Monitor for f...
CVE-2025-52732 WordPress Google Map Targeting Plugin <= 1.1.6 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RealMag777 GMap Targeting gmap-targeting allows PHP Local File Inclusion.This issue affects GMap Targeting: from n/a through = 1.1.6...
PT-2025-33212 · Unknown · Realmag777 Google Map Targeting
Name of the Vulnerable Software and Affected Versions: RealMag777 Google Map Targeting versions through 1.1.6 Description: This issue involves an improper control of filename for include/require statements in PHP programs, specifically a PHP Local File Inclusion in RealMag777 Google Map Targeting...
WordPress plugin Google Map Targeting 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...
WordPress Google Map Targeting Plugin <= 1.1.6 - Local File Inclusion Vulnerability
Local File Inclusion Vulnerability discovered by LVT-tholv2k in WordPress Plugin GMap Targeting versions = 1.1.6...
CVE-2024-13220
The WordPress Google Map Professional Map In Your Language WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-35772
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Alain Gonzalez Google Map Shortcode plugin = 3.1.2 versions...
CVE-2023-2899
The Google Map Shortcode WordPress plugin through 3.1.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...
CVE-2021-24502
The WP Google Map WordPress plugin before 1.7.7 did not sanitise or escape the Map Title before outputting them in the page, leading to a Stored Cross-Site Scripting issue by high privilege users, even when the unfilteredhtml capability is disallowed...
CVE-2021-24130
Unvalidated input in the WP Google Map Plugin WordPress plugin, versions before 4.1.5, in the Manage Locations page within the plugin settings was vulnerable to SQL Injection through a high privileged user admin+...
CVE-2015-9308
The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit map feature...
CVE-2015-9307
The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit location feature...
CVE-2015-9309
The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit category feature...
WordPress CBX Map for Google Map & OpenStreetMap plugin <= 1.1.12 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin CBX Map for Google Map & OpenStreetMap versions = 1.1.12...
CVE-2025-47669
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sabuj Kundu CBX Map for Google Map & OpenStreetMap cbxgooglemap allows DOM-Based XSS.This issue affects CBX Map for Google Map & OpenStreetMap: from n/a through = 1.1.12...
CVE-2025-47669
CVE-2025-47669 affects the WordPress plugin CBX Map for Google Map & OpenStreetMap (versions 1.1.12 and earlier). The issue is a DOM-based XSS caused by improper input neutralization during web page generation. Affected product: CBX Map for Google Map & OpenStreetMap. Impact per provided data: Cr...