MapSVG < 6.2.20 - Unauthenticated SQLi

The MapSVG WordPress plugin before 6.2.20 does not validate and escape a parameter via a REST endpoint before using it in a SQL statement, leading to a SQL Injection exploitable by unauthenticated users. id: CVE-2022-0592 info: name: MapSVG 6.2.20 - Unauthenticated SQLi author: DhiyaneshDK...

CVE-2025-68562

Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG allows Upload a Web Shell to a Web Server.This issue affects MapSVG: from n/a through 8.7.3...

EUVD-2025-205656

Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG allows Upload a Web Shell to a Web Server.This issue affects MapSVG: from n/a through 8.7.3...

CVE-2025-68562

Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG allows Upload a Web Shell to a Web Server.This issue affects MapSVG: from n/a through 8.7.3...

CVE-2025-68562 WordPress MapSVG plugin <= 8.7.3 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG allows Upload a Web Shell to a Web Server.This issue affects MapSVG: from n/a through 8.7.3...

CVE-2025-68562

CVE-2025-68562 : MapSVG (Vector/Image/Google Maps)

CVE-2025-68562 WordPress MapSVG plugin <= 8.7.3 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG allows Upload a Web Shell to a Web Server.This issue affects MapSVG: from n/a through 8.7.3...

PT-2025-53797

Name of the Vulnerable Software and Affected Versions MapSVG versions through 8.7.3 Description The software contains a flaw that permits unrestricted file uploads of dangerous types. This allows for the upload of a web shell to a web server. The issue grants attackers webshell capabilities with...

WordPress plugin MapSVG 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

WordPress MapSVG plugin <= 8.7.3 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter in WordPress Plugin MapSVG versions = 8.7.3...

CVE-2025-54748

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in RomanCode MapSVG mapsvg allows Path Traversal.This issue affects MapSVG: from n/a through 8.6.12...

EUVD-2025-204197

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in RomanCode MapSVG mapsvg allows Path Traversal.This issue affects MapSVG: from n/a through 8.6.12...

CVE-2025-54748

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in RomanCode MapSVG mapsvg allows Path Traversal.This issue affects MapSVG: from n/a through 8.6.12...

CVE-2025-54748 WordPress MapSVG Plugin < 8.6.12 - Arbitrary File Download Vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in RomanCode MapSVG mapsvg allows Path Traversal.This issue affects MapSVG: from n/a through 8.6.12...

CVE-2025-54748 WordPress MapSVG Plugin < 8.6.12 - Arbitrary File Download Vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in RomanCode MapSVG mapsvg allows Path Traversal.This issue affects MapSVG: from n/a through 8.6.12...

CVE-2025-54748

Summary: CVE-2025-54748 concerns the WordPress MapSVG plugin with a path traversal flaw in versions before 8.6.12. The issue arises from improper limitation of a pathname, enabling traversal to restricted directories and enabling an arbitrary file download vulnerability. Affected software: MapSVG...

WordPress plugin MapSVG 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2025-52049

Name of the Vulnerable Software and Affected Versions MapSVG versions prior to 8.6.12 Description A Path Traversal issue exists in MapSVG. This allows an attacker to potentially access restricted directories. The issue is due to improper limitation of a pathname. Recommendations Update MapSVG to...

CVE-2025-62930

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows DOM-Based XSS.This issue affects MapSVG: from n/a through = 8.7.22...

EUVD-2025-36011

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows DOM-Based XSS.This issue affects MapSVG: from n/a through = 8.7.15...