Lucene search
K

2581 matches found

Patchstack
Patchstack
added 2026/06/05 2:37 p.m.12 views

WordPress MapPress Maps for WordPress plugin <= 2.96.6 - Unauthenticated Insecure Direct Object Reference vulnerability

Unauthenticated Insecure Direct Object Reference vulnerability discovered by Kitch - KitchGlobal in WordPress Plugin MapPress Maps for WordPress versions = 2.96.6...

5.3CVSS5.4AI score0.00813EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/05 12:0 a.m.11 views

WordPress WP Go Maps – Google Maps, OpenStreetMap, Leaflet Map plugin <= 10.0.09 - Unauthenticated Sensitive Information Disclosure vulnerability

Unauthenticated Sensitive Information Disclosure vulnerability discovered by Sudhanshu Chauhan - RedHunt Labs in WordPress Plugin WP Go Maps versions = 10.0.09...

5.3CVSS5.5AI score0.00192EPSS
Exploits0References1Affected Software1
GithubExploit
GithubExploit
added 2026/06/04 4:22 p.m.79 views

Exploit for CVE-2026-8732

CVE-2026-8732 – WordPress WP Maps Pro Exploit Unauthenticat...

9.8CVSS6AI score0.09461EPSS
Exploits7
GithubExploit
GithubExploit
added 2026/06/02 2:51 a.m.96 views

Exploit for CVE-2026-8732

WP Maps Pro Unauthenticated Stored Cross-Site Scripting CVE-2...

9.8CVSS5.9AI score0.09461EPSS
Exploits7
The Hacker News
The Hacker News
added 2026/06/01 8:45 a.m.15 views

Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts

Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15,000 sales on the Envato Market, to create malicious administrator accounts on susceptible sites. WP Maps Pro allows site owners to embed customizable Google Map...

9.8CVSS5.7AI score0.09461EPSS
Exploits7
GithubExploit
GithubExploit
added 2026/05/30 6:42 a.m.151 views

Exploit for CVE-2026-8732

CVE-2026-8732 - WP Maps Pro &checktemp=false' 3. Login via...

9.8CVSS5.8AI score0.09461EPSS
Exploits7
GithubExploit
GithubExploit
added 2026/05/30 12:28 a.m.259 views

Exploit for CVE-2026-8732

CVE-2026-8732 — WP Maps Pro ≤ 6.1.0 ♡ Unauthenticated Privil...

9.8CVSS5.8AI score0.09461EPSS
Exploits7
NVD
NVD
added 2026/05/29 8:16 p.m.28 views

CVE-2026-46385

iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, the Avro array and map decoders looped over an attacker-controlled block-count value without checking the underlying reader's error state inside the loop body. Reader.ReadBlockHeader returns the count as a Go int, which is 64-bit on amd64 ...

8.7CVSS0.00378EPSS
Exploits0References5
Patchstack
Patchstack
added 2026/05/29 9:24 a.m.16 views

WordPress WP Maps Pro plugin <= 6.0.4 - Unauthenticated Privilege Escalation vulnerability

Unauthenticated Privilege Escalation vulnerability discovered by David Brown in WordPress Plugin Advanced Google Maps versions = 6.0.4...

9.8CVSS5.8AI score0.09461EPSS
Exploits7References1Affected Software1
NVD
NVD
added 2026/05/29 7:16 a.m.17 views

CVE-2026-8732

The WP Maps Pro plugin for WordPress is vulnerable to Privilege Escalation via Administrator Account Creation in all versions up to, and including, 6.1.0. This is due to the wpgmptempaccessajax AJAX action being registered with wpajaxnopriv and protected only by a nonce check using the...

9.8CVSS0.09461EPSS
Exploits7References2
Vulnrichment
Vulnrichment
added 2026/05/29 5:32 a.m.12 views

CVE-2026-8732 WP Maps Pro <= 6.1.0 - Unauthenticated Privilege Escalation via Administrator Account Creation to wpgmp_temp_access_ajax AJAX Action

The WP Maps Pro plugin for WordPress is vulnerable to Privilege Escalation via Administrator Account Creation in all versions up to, and including, 6.1.0. This is due to the wpgmptempaccessajax AJAX action being registered with wpajaxnopriv and protected only by a nonce check using the...

9.8CVSS5.7AI score0.09461EPSS
Exploits7References2
CVE
CVE
added 2026/05/29 5:32 a.m.103 views

CVE-2026-8732

Summary of CVE-2026-8732 : The WP Maps Pro WordPress plugin (≤ 6.1.0) is vulnerable to unauthenticated privilege escalation via Administrator Account Creation. The root cause is the wpgmp_temp_access_ajax action registered for both authenticated and unauthenticated requests, protected only by a p...

9.8CVSS5.7AI score0.09461EPSS
In wildExploits7References2
SUSE CVE
SUSE CVE
added 2026/05/29 1:16 a.m.13 views

SUSE CVE-2026-46115

In the Linux kernel, the following vulnerability has been resolved: block: add pgmap check to biovecphysmergeable biovecphysmergeable is used by the request merge, DMA mapping, and integrity merge paths to decide if two physically contiguous bvec segments can be coalesced into one. It currently h...

5.5CVSS5.7AI score0.00491EPSS
Exploits0References3
VulnCheck KEV
VulnCheck KEV
added 2026/05/29 12:0 a.m.92 views

VulnCheck KEV: CVE-2026-8732

The WP Maps Pro plugin for WordPress is vulnerable to Privilege Escalation via Administrator Account Creation in all versions up to, and including, 6.1.0. This is due to the wpgmptempaccessajax AJAX action being registered with wpajaxnopriv and protected only by a nonce check using the...

9.8CVSS5.7AI score0.09461EPSS
In wildExploits7References3
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

WordPress plugin WP Maps Pro 访问控制错误漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.8CVSS6AI score0.09461EPSS
Exploits7References2
Wordfence Blog
Wordfence Blog
added 2026/05/28 7:19 p.m.12 views

15,000 WordPress Sites Affected by Administrator Account Creation Vulnerability in WP Maps Pro WordPress Plugin

On March 24th, 2026, we received a submission for an Unauthenticated Administrator Account Creation vulnerability in WP Maps Pro, a WordPress plugin with more than 15,000 sales. This vulnerability makes it possible for unauthenticated attackers to create new administrator accounts on the affected...

9.8CVSS6AI score0.09461EPSS
Exploits7
RedHat Linux
RedHat Linux
added 2026/05/28 1:35 p.m.14 views

kernel: libceph: make decode_pool() more resilient against corrupted osdmaps

In the Linux kernel, the following vulnerability has been resolved: libceph: make decodepool more resilient against corrupted osdmaps If the osdmap is maliciously corrupted such that the encoded length of cephpgpool envelope is less than what is expected for a particular encoding version,...

7.1CVSS6.1AI score0.00126EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/28 1:35 p.m.25 views

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

9.8CVSS6.6AI score0.00675EPSS
Exploits0References19
RedHat Linux
RedHat Linux
added 2026/05/28 8:47 a.m.27 views

kernel: libceph: make decode_pool() more resilient against corrupted osdmaps

In the Linux kernel, the following vulnerability has been resolved: libceph: make decodepool more resilient against corrupted osdmaps If the osdmap is maliciously corrupted such that the encoded length of cephpgpool envelope is less than what is expected for a particular encoding version,...

7.1CVSS6.1AI score0.00126EPSS
Exploits0References5
NVD
NVD
added 2026/05/28 8:16 a.m.15 views

CVE-2026-7552

The Geo Mashup plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.13.19. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to expose sensitive plugin...

5.3CVSS0.00333EPSS
Exploits0References11
Rows per page
Query Builder