WordPress Open User Map plugin <= 1.4.0 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Open User Map versions = 1.4.0...

CVE-2025-68002

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in 100plugins Open User Map open-user-map allows Path Traversal.This issue affects Open User Map: from n/a through = 1.4.16...

CVE-2025-68002

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in 100plugins Open User Map open-user-map allows Path Traversal.This issue affects Open User Map: from n/a through = 1.4.16...

CVE-2025-68002

CVE-2025-68002 affects WordPress plugin Open User Map (&lt;= 1.4.16). The issue is path traversal allowing arbitrary file download. Wordfence reports this as an active vulnerability with patched status; PatchStack notes the vulnerability as Open User Map

CVE-2025-68002 WordPress Open User Map plugin <= 1.4.16 - Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in 100plugins Open User Map open-user-map allows Path Traversal.This issue affects Open User Map: from n/a through = 1.4.16...

WordPress plugin Open User Map 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

PT-2026-21068

Name of the Vulnerable Software and Affected Versions 100plugins Open User Map versions through 1.4.16 Description The software contains a flaw related to improper limitation of a pathname to a restricted directory, also known as Path Traversal. This allows unauthorized access to files and...

WordPress Open User Map plugin <= 1.4.16 - Arbitrary File Download vulnerability

Arbitrary File Download vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Open User Map versions = 1.4.16...

EUVD-2023-49377

Malicious code in bioql PyPI...

EUVD-2025-30704

Malicious code in bioql PyPI...

CVE-2025-57953

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 100plugins Open User Map open-user-map allows DOM-Based XSS.This issue affects Open User Map: from n/a through = 1.4.14...

CVE-2025-57953

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 100plugins Open User Map open-user-map allows DOM-Based XSS.This issue affects Open User Map: from n/a through = 1.4.14...

WordPress Open User Map Plugin <= 1.4.14 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Abu Hurayra in WordPress Plugin Open User Map versions = 1.4.14...

CVE-2025-57953 WordPress Open User Map Plugin <= 1.4.14 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 100plugins Open User Map open-user-map allows DOM-Based XSS.This issue affects Open User Map: from n/a through = 1.4.14...

CVE-2025-57953 WordPress Open User Map Plugin <= 1.4.14 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 100plugins Open User Map open-user-map allows DOM-Based XSS.This issue affects Open User Map: from n/a through = 1.4.14...

CVE-2025-57953

The CVE-2025-57953 entry concerns the WordPress plugin Open User Map. Affected range: Open User Map from n/a through 1.4.14. The vulnerability is a DOM-Based XSS caused by Improper Neutralization of Input During Web Page Generation (Cross-site Scripting). The CVSS metrics indicate base score 6.5 ...

WordPress plugin Open User Map 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-38803

Name of the Vulnerable Software and Affected Versions 100plugins Open User Map versions through 1.4.14 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a DOM-Based Cross-site Scripting issue. This allows for the execution of...

CVE-2023-45056

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in 100plugins Open User Map plugin = 1.3.26 versions...

Open User Map | Everybody can add locations < 1.3.27 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...