Lucene search
K

204 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2023-57393

Malicious code in bioql PyPI...

6.4CVSS6.2AI score0.00421EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-52001

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00562EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-32245

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.00435EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-37620

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00261EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-24466

Malicious code in bioql PyPI...

7.2CVSS7AI score0.01062EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.12 views

EUVD-2023-35403

Malicious code in bioql PyPI...

7.1CVSS7AI score0.00379EPSS
Exploits0References1
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-25498 Malicious code in loclys-leaflet-routing-machine (npm)

The package loclys-leaflet-routing-machine was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in loclys-leaflet-routing-machine (npm)

The package loclys-leaflet-routing-machine was found to contain malicious code...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/31 8:53 a.m.16 views

CVE-2025-5122

The Map Block Leaflet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 3.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access...

6.4CVSS5.8AI score0.0032EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/29 8:22 a.m.7 views

CVE-2025-5122 Map Block Leaflet <= 3.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Parameter

The Map Block Leaflet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 3.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access...

6.4CVSS5.9AI score0.0032EPSS
Exploits0References4
CVE
CVE
added 2025/05/29 8:22 a.m.53 views

CVE-2025-5122

CVE-2025-5122 maps to Map Block Leaflet for WordPress. Affected: versions up to 3.2.1 with stored cross-site scripting via the url parameter due to insufficient input sanitization and output escaping. Exploitation requires an authenticated user with Contributor-level access or higher; injected sc...

6.4CVSS5.8AI score0.0032EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/05/29 12:0 a.m.4 views

PT-2025-23144 · WordPress · Map Block Leaflet

Name of the Vulnerable Software and Affected Versions: The Map Block Leaflet plugin for WordPress versions up to, and including, 3.2.1 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping via the url parameter. This allows...

6.4CVSS5.7AI score0.0032EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/05/29 12:0 a.m.4 views

WordPress plugin Map Block Leaflet 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

6.4CVSS6AI score0.0032EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 9:18 a.m.3 views

CVE-2024-3670

The Leaflet Maps Marker Google Maps, OpenStreetMap, Bing Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mapsmarker' shortcode in all versions up to, and including, 3.12.8 due to insufficient input sanitization and output escaping on user supplied attribut...

6.4CVSS6AI score0.00435EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:40 a.m.5 views

CVE-2023-5050

The Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor level and above permissions to...

6.4CVSS6.1AI score0.00421EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:23 a.m.9 views

CVE-2022-4677

The Leaflet Maps Marker WordPress plugin before 3.12.7 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

5.4CVSS6AI score0.00562EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:18 p.m.11 views

CVE-2022-1123

The Leaflet Maps Marker Google Maps, OpenStreetMap, Bing Maps WordPress plugin before 3.12.5 does not properly sanitize some parameters before inserting them into SQL queries. As a result, high privilege users could perform SQL injection attacks...

7.2CVSS7.7AI score0.01062EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:3 p.m.4 views

CVE-2021-24467

The Leaflet Map WordPress plugin before 3.0.0 does not verify the CSRF nonce when saving its settings, which allows attackers to make a logged in admin update the settings via a Cross-Site Request Forgery attack. This could lead to Cross-Site Scripting issues by either changing the URL of the...

6.5CVSS6.2AI score0.0056EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:24 p.m.8 views

CVE-2021-24468

The Leaflet Map WordPress plugin before 3.0.0 does not escape some shortcode attributes before they are used in JavaScript code or HTML, which could allow users with a role as low as Contributors to exploit stored XSS issues...

5.4CVSS5.8AI score0.00624EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/03/05 1:55 p.m.25 views

CVE-2025-27278

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in David Ghedini AcuGIS Leaflet Maps mapfig-premium-leaflet-map-maker allows Reflected XSS.This issue affects AcuGIS Leaflet Maps: from n/a through = 5.1.1.0...

7.1CVSS7.2AI score0.00224EPSS
Exploits0References1
Rows per page
Query Builder