12 matches found
WordPress Maps for WP plugin <= 1.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin Maps for WP versions = 1.2.4...
CVE-2025-57952 WordPress Maps for WP Plugin <= 1.2.5 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in icopydoc Maps for WP maps-for-wp allows Stored XSS.This issue affects Maps for WP: from n/a through = 1.2.5...
CVE-2025-32179
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in icopydoc Maps for WP maps-for-wp allows Stored XSS.This issue affects Maps for WP: from n/a through = 1.2.4...
CVE-2025-32179
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in icopydoc Maps for WP maps-for-wp allows Stored XSS.This issue affects Maps for WP: from n/a through = 1.2.4...
CVE-2025-32179 WordPress Maps for WP Plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in icopydoc Maps for WP maps-for-wp allows Stored XSS.This issue affects Maps for WP: from n/a through = 1.2.4...
CVE-2025-32179
CVE-2025-32179 : The WordPress plugin Maps for WP is affected by a Stored Cross-Site Scripting (XSS) vulnerability due to improper neutralization during web page generation. The issue affects Maps for WP versions up to 1.2.4 and is described as an authenticated (Contributor+) vulnerability. Publi...
WordPress Maps for WP Plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by zaim in WordPress Plugin Maps for WP versions = 1.2.4...
CVE-2024-13648
The Maps for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'MapOnePoint' shortcode in all versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-13648
The Maps for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'MapOnePoint' shortcode in all versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-13648 Maps for WP <= 1.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Maps for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'MapOnePoint' shortcode in all versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-13648
The CVE-2024-13648 entry for Maps for WP is supported by connected Wordfence details that describe a Stored Cross-Site Scripting via the MapOnePoint shortcode in all versions up to 1.2.4, exploitable by authenticated users with contributor+ privileges. The underlying issue is insufficient input s...
CVE-2024-13648 Maps for WP <= 1.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Maps for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'MapOnePoint' shortcode in all versions up to, and including, 1.2.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...