Lucene search
K

89 matches found

Patchstack
Patchstack
added 2026/03/27 11:37 a.m.6 views

WordPress DSGVO snippet for Leaflet Map and its Extensions plugin <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'unset' Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'unset' Attribute vulnerability discovered by zaim in WordPress Plugin DSGVO snippet for Leaflet Map and its Extensions versions = 3.1...

6.4CVSS5.9AI score0.00235EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/27 4:59 a.m.2 views

CVE-2026-4389

The DSGVO snippet for Leaflet Map and its Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the leafext-cookie-time and leafext-delete-cookie shortcodes in all versions up to, and including, 3.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS6AI score0.00235EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/26 6:30 a.m.3 views

EUVD-2026-16106

The DSGVO snippet for Leaflet Map and its Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the leafext-cookie-time and leafext-delete-cookie shortcodes in all versions up to, and including, 3.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS6AI score0.00235EPSS
Exploits0References6
NVD
NVD
added 2026/03/26 5:16 a.m.2 views

CVE-2026-4389

The DSGVO snippet for Leaflet Map and its Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the leafext-cookie-time and leafext-delete-cookie shortcodes in all versions up to, and including, 3.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS0.00235EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/26 4:28 a.m.37 views

CVE-2026-4389 DSGVO snippet for Leaflet Map and its Extensions <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'unset' Attribute

The DSGVO snippet for Leaflet Map and its Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the leafext-cookie-time and leafext-delete-cookie shortcodes in all versions up to, and including, 3.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS0.00235EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/26 4:28 a.m.3 views

CVE-2026-4389

The DSGVO snippet for Leaflet Map and its Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the leafext-cookie-time and leafext-delete-cookie shortcodes in all versions up to, and including, 3.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS6AI score0.00235EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/03/26 4:28 a.m.1 views

CVE-2026-4389 DSGVO snippet for Leaflet Map and its Extensions <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'unset' Attribute

The DSGVO snippet for Leaflet Map and its Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the leafext-cookie-time and leafext-delete-cookie shortcodes in all versions up to, and including, 3.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS6AI score0.00235EPSS
Exploits0References5
CVE
CVE
added 2026/03/26 4:28 a.m.12 views

CVE-2026-4389

The CVE-2026-4389 entry concerns the DSGVO snippet for the Leaflet Map and its Extensions WordPress plugin. Affected: Leaflet Map and Extensions, all versions up to 3.1. Issue: Stored Cross-Site Scripting via the leafext-cookie-time and leafext-delete-cookie shortcodes due to insufficient input s...

6.4CVSS6AI score0.00235EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.12 views

WordPress plugin DSGVO snippet for Leaflet Map and its Extensions 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

6.4CVSS5.6AI score0.00235EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.5 views

PT-2026-28206

The DSGVO snippet for Leaflet Map and its Extensions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the leafext-cookie-time and leafext-delete-cookie shortcodes in all versions up to, and including, 3.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS6AI score0.00235EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/09 8:57 a.m.15 views

CVE-2023-31074

Unauth. Reflected Cross-Site Scripting XSS vulnerability in hupe13 Extensions for Leaflet Map plugin = 3.4.1 versions...

7.1CVSS5.9AI score0.00379EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/11/23 7:1 p.m.9 views

WordPress Extensions for Leaflet Map plugin <= 4.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by zaim in WordPress Plugin Extensions for Leaflet Map versions = 4.8...

6.5CVSS6.1AI score0.00134EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/22 12:34 p.m.13 views

CVE-2025-66093

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hupe13 Extensions for Leaflet Map extensions-leaflet-map allows DOM-Based XSS.This issue affects Extensions for Leaflet Map: from n/a through = 4.8...

6.5CVSS6.3AI score0.00134EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/21 3:31 p.m.18 views

EUVD-2025-198455

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hupe13 Extensions for Leaflet Map extensions-leaflet-map allows DOM-Based XSS.This issue affects Extensions for Leaflet Map: from n/a through = 4.8...

5.9AI score0.00134EPSS
Exploits0References2
NVD
NVD
added 2025/11/21 1:15 p.m.20 views

CVE-2025-66093

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hupe13 Extensions for Leaflet Map extensions-leaflet-map allows DOM-Based XSS.This issue affects Extensions for Leaflet Map: from n/a through = 4.8...

6.5CVSS0.00134EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/21 12:29 p.m.22 views

CVE-2025-66093 WordPress Extensions for Leaflet Map plugin <= 4.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hupe13 Extensions for Leaflet Map extensions-leaflet-map allows DOM-Based XSS.This issue affects Extensions for Leaflet Map: from n/a through = 4.8...

6.5CVSS0.00134EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/21 12:29 p.m.2 views

CVE-2025-66093 WordPress Extensions for Leaflet Map plugin <= 4.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hupe13 Extensions for Leaflet Map extensions-leaflet-map allows DOM-Based XSS.This issue affects Extensions for Leaflet Map: from n/a through = 4.8...

6.5CVSS6AI score0.00134EPSS
Exploits0References1
CVE
CVE
added 2025/11/21 12:29 p.m.18 views

CVE-2025-66093

The CVE-2025-66093 entry concerns the WordPress plugin Extensions for Leaflet Map (extensions-leaflet-map). The issue is a DOM-based XSS caused by improper input neutralization during web page generation, affecting Extensions for Leaflet Map versions up to 4.8. Wordfence notes this vulnerability ...

6.5CVSS6AI score0.00134EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/21 12:0 a.m.8 views

PT-2025-47761

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hupe13 Extensions for Leaflet Map extensions-leaflet-map allows DOM-Based XSS.This issue affects Extensions for Leaflet Map: from n/a through = 4.8...

6.4AI score0.00134EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/21 12:0 a.m.5 views

WordPress plugin Extensions for Leaflet Map 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS5.9AI score0.00134EPSS
Exploits0References1
Rows per page
Query Builder