Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2026/02/15 7:10 a.m.12 views

CVE-2026-1096

The Best-wp-google-map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'latitude' and 'longitudinal' parameters of the 'googlemapview' shortcode in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping. This makes it possible f...

6.4CVSS5.8AI score0.00245EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/14 6:42 a.m.4 views

CVE-2026-1096

The Best-wp-google-map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'latitude' and 'longitudinal' parameters of the 'googlemapview' shortcode in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping. This makes it possible f...

6.4CVSS5.7AI score0.00245EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-23734

Malicious code in bioql PyPI...

6.4CVSS4.5AI score0.00235EPSS
Exploits0References2
CNVD
CNVD
added 2025/08/12 12:0 a.m.4 views

WordPress esri-map-view cross-site scripting vulnerability

WordPress esri-map-view is used to embed Esri/ArcGIS maps or scenes in websites. The plugin realizes map display through short code, supports selecting base map, setting initial view angle, adding custom layers, pop-up information window and other functions, and can embed preconfigured web maps o...

6.4CVSS6AI score0.00235EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/08 2:31 a.m.10 views

CVE-2025-6259

The esri-map-view plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's esri-map-view shortcode in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.5AI score0.00235EPSS
Exploits0References1
NVD
NVD
added 2025/08/06 2:15 a.m.4 views

CVE-2025-6259

The esri-map-view plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's esri-map-view shortcode in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS0.00235EPSS
Exploits0References2
CVE
CVE
added 2025/08/06 1:45 a.m.25 views

CVE-2025-6259

The CVE-2025-6259 entry refers to a stored XSS vulnerability in the WordPress esri-map-view plugin (

6.4CVSS5.6AI score0.00235EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/06 1:45 a.m.5 views

CVE-2025-6259 esri-map-view <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via esri-map-view Shortcode

The esri-map-view plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's esri-map-view shortcode in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.5AI score0.00235EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/06 1:45 a.m.7 views

CVE-2025-6259 esri-map-view <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via esri-map-view Shortcode

The esri-map-view plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's esri-map-view shortcode in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS0.00235EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/06 12:0 a.m.3 views

WordPress plugin esri-map-view 跨站脚本漏洞

WordPress esri-map-view is used to embed Esri/ArcGIS maps or scenes in websites. The plugin realizes map display through short code, supports selecting base map, setting initial view angle, adding custom layers, pop-up information window and other functions, and can embed preconfigured web maps o...

6.4CVSS5.9AI score0.00235EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/06 12:0 a.m.4 views

PT-2025-32032 · WordPress · Esri-Map-View

Name of the Vulnerable Software and Affected Versions: esri-map-view plugin for WordPress versions through 1.2.3 Description: The esri-map-view plugin for WordPress is susceptible to Stored Cross-Site Scripting through the plugin’s esri-map-view shortcode. Insufficient input sanitization and outp...

6.4CVSS5.8AI score0.00235EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/08/05 10:43 p.m.7 views

WordPress esri-map-view plugin <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via esri-map-view Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via esri-map-view Shortcode vulnerability discovered by Gilang in WordPress Plugin esri-map-view versions = 1.2.3...

6.4CVSS3.6AI score0.00235EPSS
Exploits0References1Affected Software1
Kitploit
Kitploit
added 2024/03/19 11:30 a.m.43 views

GAP-Burp-Extension - Burp Extension To Find Potential Endpoints, Parameters, And Generate A Custom Target Wordlist

This is an evolution of the original getAllParams extension for Burp. Not only does it find more potential parameters for you to investigate, but it also finds potential links to try these parameters on, and produces a target specific wordlist to use for fuzzing. The full Help documentation can b...

7.4AI score
Exploits0References2
Openbugbounty
Openbugbounty
added 2018/08/10 1:58 p.m.49 views

addictionblog.org XSS vulnerability

Open Bug Bounty ID: OBB-662220 Description| Value ---|--- Affected Website:| addictionblog.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
OSV
OSV
added 2017/09/13 8:29 a.m.4 views

CVE-2017-14398

rzpnk.sys in Razer Synapse 2.20.15.1104 allows local users to read and write to arbitrary memory locations, and consequently gain privileges, via a methodology involving a handle to \Device\PhysicalMemory, IOCTL 0x22A064, and ZwMapViewOfSection...

7.8CVSS5.9AI score0.00288EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2011/09/12 12:0 a.m.26 views

Orion SolarWinds 10.1.2 Cross Site Scripting

Software : Orion SolarWinds 10.1.2 - SP1 XSS -----------------------------------------------------------------------------------------------------------------------------------------------------------------...

0.4AI score
Exploits0
Rows per page
Query Builder