16 matches found
CVE-2026-1096
The Best-wp-google-map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'latitude' and 'longitudinal' parameters of the 'googlemapview' shortcode in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping. This makes it possible f...
CVE-2026-1096
The Best-wp-google-map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'latitude' and 'longitudinal' parameters of the 'googlemapview' shortcode in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping. This makes it possible f...
EUVD-2025-23734
Malicious code in bioql PyPI...
WordPress esri-map-view cross-site scripting vulnerability
WordPress esri-map-view is used to embed Esri/ArcGIS maps or scenes in websites. The plugin realizes map display through short code, supports selecting base map, setting initial view angle, adding custom layers, pop-up information window and other functions, and can embed preconfigured web maps o...
CVE-2025-6259
The esri-map-view plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's esri-map-view shortcode in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2025-6259
The esri-map-view plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's esri-map-view shortcode in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2025-6259
The CVE-2025-6259 entry refers to a stored XSS vulnerability in the WordPress esri-map-view plugin (
CVE-2025-6259 esri-map-view <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via esri-map-view Shortcode
The esri-map-view plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's esri-map-view shortcode in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2025-6259 esri-map-view <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via esri-map-view Shortcode
The esri-map-view plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's esri-map-view shortcode in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
WordPress plugin esri-map-view 跨站脚本漏洞
WordPress esri-map-view is used to embed Esri/ArcGIS maps or scenes in websites. The plugin realizes map display through short code, supports selecting base map, setting initial view angle, adding custom layers, pop-up information window and other functions, and can embed preconfigured web maps o...
PT-2025-32032 · WordPress · Esri-Map-View
Name of the Vulnerable Software and Affected Versions: esri-map-view plugin for WordPress versions through 1.2.3 Description: The esri-map-view plugin for WordPress is susceptible to Stored Cross-Site Scripting through the plugin’s esri-map-view shortcode. Insufficient input sanitization and outp...
WordPress esri-map-view plugin <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via esri-map-view Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via esri-map-view Shortcode vulnerability discovered by Gilang in WordPress Plugin esri-map-view versions = 1.2.3...
GAP-Burp-Extension - Burp Extension To Find Potential Endpoints, Parameters, And Generate A Custom Target Wordlist
This is an evolution of the original getAllParams extension for Burp. Not only does it find more potential parameters for you to investigate, but it also finds potential links to try these parameters on, and produces a target specific wordlist to use for fuzzing. The full Help documentation can b...
addictionblog.org XSS vulnerability
Open Bug Bounty ID: OBB-662220 Description| Value ---|--- Affected Website:| addictionblog.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
CVE-2017-14398
rzpnk.sys in Razer Synapse 2.20.15.1104 allows local users to read and write to arbitrary memory locations, and consequently gain privileges, via a methodology involving a handle to \Device\PhysicalMemory, IOCTL 0x22A064, and ZwMapViewOfSection...
Orion SolarWinds 10.1.2 Cross Site Scripting
Software : Orion SolarWinds 10.1.2 - SP1 XSS -----------------------------------------------------------------------------------------------------------------------------------------------------------------...