47 matches found
CVE-2025-62930
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows DOM-Based XSS.This issue affects MapSVG: from n/a through = 8.7.22...
PT-2025-43806
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows DOM-Based XSS.This issue affects MapSVG: from n/a through = 8.7.15...
EUVD-2019-1727
Malware in sbrugna...
EUVD-2025-10559
Malicious code in bioql PyPI...
EUVD-2025-10565
Malicious code in bioql PyPI...
EUVD-2025-15521
Malicious code in bioql PyPI...
EUVD-2025-11734
Malicious code in bioql PyPI...
CVE-2025-48120
Improper Control of Generation of Code 'Code Injection' vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows Code Injection.This issue affects MapSVG: from n/a through = 8.6.9...
CVE-2025-48120
Improper Control of Generation of Code 'Code Injection' vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows Code Injection.This issue affects MapSVG: from n/a through = 8.6.9...
CVE-2025-48120 WordPress MapSVG Lite plugin <= 8.6.4 - Arbitrary Shortcode Execution vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in RomanCode MapSVG Lite allows Code Injection. This issue affects MapSVG Lite: from n/a through 8.6.4...
CVE-2025-48120
CVE-2025-48120 (MapSVG Lite) is an improper generation of code vulnerability in the WordPress MapSVG Lite plugin, enabling arbitrary shortcode execution (code injection). Affected: MapSVG Lite versions up to 8.6.4. Public docs indicate a vendor-provided fix was released: MapSVG Lite 8.6.9 and lat...
CVE-2025-48120 WordPress MapSVG Lite plugin <= 8.6.9 - Arbitrary Shortcode Execution vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows Code Injection.This issue affects MapSVG: from n/a through = 8.6.9...
WordPress MapSVG Lite plugin <= 8.6.9 - Arbitrary Shortcode Execution vulnerability
Arbitrary Shortcode Execution vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin MapSVG versions = 8.6.9...
PT-2025-21725 · Unknown · Mapsvg Lite
Name of the Vulnerable Software and Affected Versions: MapSVG Lite versions n/a through 8.6.4 Description: The issue is related to an Improper Control of Generation of Code, also known as 'Code Injection', which affects MapSVG Lite. This allows for Code Injection. Recommendations: For versions n/...
WordPress plugin MapSVG Lite 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...
CVE-2025-32682
Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows Upload a Web Shell to a Web Server.This issue affects MapSVG: from n/a through = 8.6.4...
Exploit for CVE-2025-32682
🐚 CVE-2025-32682 - Arbitrary File Upload in MapSVG Lite --...
CVE-2025-32682
Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows Upload a Web Shell to a Web Server.This issue affects MapSVG: from n/a through = 8.6.4...
CVE-2025-32682 WordPress MapSVG Lite plugin <= 8.6.4 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows Upload a Web Shell to a Web Server.This issue affects MapSVG: from n/a through = 8.6.4...
CVE-2025-32682
The CVE-2025-32682 issue affects MapSVG Lite for WordPress (versions up to 8.5.34). The vulnerability stems from an unchecked SVG upload endpoint at /wp-json/mapsvg/v1/svgfile, where the code uploads files without validating type, extension, or contents, enabling an authenticated attacker (Subscr...