13 matches found
CVE-2026-4429
The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'markername' and 'filecolorlist' shortcode attribute of the osmmapv3 shortcode in all versions up to and including 6.1.15. This is due to insufficient input sanitization and output escaping. This mak...
WordPress OSM plugin <= 6.1.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'marker_name' Shortcode Attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'markername' Shortcode Attribute vulnerability discovered by Nguyen Ngoc Duc duc193 in WordPress Plugin OSM versions = 6.1.15...
EUVD-2026-20837
The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'markername' and 'filecolorlist' shortcode attribute of the osmmapv3 shortcode in all versions up to and including 6.1.15. This is due to insufficient input sanitization and output escaping. This mak...
CVE-2026-4429
The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'markername' and 'filecolorlist' shortcode attribute of the osmmapv3 shortcode in all versions up to and including 6.1.15. This is due to insufficient input sanitization and output escaping. This mak...
CVE-2026-4429 OSM <= 6.1.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'marker_name' Shortcode Attribute
The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'markername' and 'filecolorlist' shortcode attribute of the osmmapv3 shortcode in all versions up to and including 6.1.15. This is due to insufficient input sanitization and output escaping. This mak...
CVE-2026-4429 OSM <= 6.1.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'marker_name' Shortcode Attribute
The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'markername' and 'filecolorlist' shortcode attribute of the osmmapv3 shortcode in all versions up to and including 6.1.15. This is due to insufficient input sanitization and output escaping. This mak...
CVE-2026-4429
The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'markername' and 'filecolorlist' shortcode attribute of the osmmapv3 shortcode in all versions up to and including 6.1.15. This is due to insufficient input sanitization and output escaping. This mak...
CVE-2026-4429
CVE-2026-4429 concerns the WordPress plugin OSM – OpenStreetMap (vulnerable up to 6.1.15). The flaw is a Stored Cross‑Site Scripting via the [osm_map_v3] shortcode attributes, specifically marker_name and file_color_list , due to insufficient input sanitization and output escaping. With authentic...
PT-2026-31570
Name of the Vulnerable Software and Affected Versions OSM – OpenStreetMap plugin for WordPress versions up to and including 6.1.15 Description The OSM – OpenStreetMap plugin for WordPress is susceptible to Stored Cross-Site Scripting through the marker name and file color list shortcode attribute...
CVE-2024-4968
A vulnerability was found in SourceCodester Interactive Map with Marker 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file Marker Name of the component Add Marker. The manipulation leads to cross site scripting. The attack may be launched...
CVE-2024-4968 SourceCodester Interactive Map with Marker Add Marker Marker Name cross site scripting
A vulnerability was found in SourceCodester Interactive Map with Marker 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file Marker Name of the component Add Marker. The manipulation leads to cross site scripting. The attack may be launched...
CVE-2024-4968
CVE-2024-4968 affects SourceCodester Interactive Map with Marker 1.0, specifically the file/component described as Add Marker (Marker Name). The vulnerability is a cross-site scripting flaw introduced by the Add Marker functionality, which can be exploited remotely. Public disclosures exist and t...
CVE-2024-4968 SourceCodester Interactive Map with Marker Add Marker Marker Name cross site scripting
A vulnerability was found in SourceCodester Interactive Map with Marker 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file Marker Name of the component Add Marker. The manipulation leads to cross site scripting. The attack may be launched...