164 matches found
Geo Mashup <= 1.13.17 - SQL Injection
Geo Mashup WordPress plugin = 1.13.17 contains a SQL injection caused by insufficient escaping of the 'sort' parameter, letting unauthenticated attackers extract sensitive database information remotely. id: CVE-2026-2416 info: name: Geo Mashup = 1.13.17 - SQL Injection author: Shivam Kamboj...
CVE-2026-7552
The Geo Mashup plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.13.19. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to expose sensitive plugin...
CVE-2026-7552
The Geo Mashup plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.13.19. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to expose sensitive plugin...
EUVD-2026-32734
The Geo Mashup plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.13.19. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to expose sensitive plugin...
CVE-2026-7552 Geo Mashup <= 1.13.19 - Missing Authorization to Unauthenticated Plugin Settings Disclosure via 'geo_mashup_content' Parameter
The Geo Mashup plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.13.19. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to expose sensitive plugin...
CVE-2026-7552
The CVE describes a vulnerability in the WordPress Geo Mashup plugin (versions
CVE-2026-7552 Geo Mashup <= 1.13.19 - Missing Authorization to Unauthenticated Plugin Settings Disclosure via 'geo_mashup_content' Parameter
The Geo Mashup plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.13.19. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to expose sensitive plugin...
WordPress plugin Geo Mashup 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
PT-2026-44201
The Geo Mashup plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.13.19. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to expose sensitive plugin...
WordPress Geo Mashup plugin <= 1.13.19 - Missing Authorization to Unauthenticated Plugin Settings Disclosure vulnerability
Missing Authorization to Unauthenticated Plugin Settings Disclosure vulnerability discovered by t0ann9uy3n in WordPress Plugin Geo Mashup versions = 1.13.19...
CVE-2026-42734
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dylan Kuhn Geo Mashup geo-mashup allows Reflected XSS.This issue affects Geo Mashup: from n/a through = 1.13.19...
CVE-2026-42734 WordPress Geo Mashup plugin <= 1.13.19 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dylan Kuhn Geo Mashup geo-mashup allows Reflected XSS.This issue affects Geo Mashup: from n/a through = 1.13.19...
EUVD-2026-32179
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dylan Kuhn Geo Mashup geo-mashup allows Reflected XSS.This issue affects Geo Mashup: from n/a through = 1.13.19...
CVE-2026-42734 WordPress Geo Mashup plugin <= 1.13.19 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dylan Kuhn Geo Mashup geo-mashup allows Reflected XSS.This issue affects Geo Mashup: from n/a through = 1.13.19...
CVE-2026-42734
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dylan Kuhn Geo Mashup geo-mashup allows Reflected XSS.This issue affects Geo Mashup: from n/a through = 1.13.19...
CVE-2026-42734
The CVE-2026-42734 entry describes a Reflected Cross-Site Scripting (XSS) in the WordPress Geo Mashup plugin by Dylan Kuhn, affected up to Geo Mashup <= 1.13.19. Root cause: improper neutralization of input during web page generation. Affected software: Geo Mashup plugin for WordPress (versions
WordPress plugin Geo Mashup 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-43646
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dylan Kuhn Geo Mashup geo-mashup allows Reflected XSS.This issue affects Geo Mashup: from n/a through = 1.13.19...
WordPress Geo Mashup plugin <= 1.13.19 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by she11f in WordPress Plugin Geo Mashup versions = 1.13.19...
CVE-2026-27427
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dylan Kuhn Geo Mashup allows Stored XSS. This issue affects Geo Mashup: from n/a through 1.13.18...