111 matches found
Sangfor OSM - Arbitrary File Upload
Sangfor Operation and Maintenance Management System = 3.0.8 contains an unrestricted file upload vulnerability caused by manipulation of the "File" argument in /fort/trust/version/common/common.jsp, letting remote attackers upload arbitrary files, exploit requires no special privileges. id:...
CVE-2026-4429
The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'markername' and 'filecolorlist' shortcode attribute of the osmmapv3 shortcode in all versions up to and including 6.1.15. This is due to insufficient input sanitization and output escaping. This mak...
CVE-2026-4429 OSM <= 6.1.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'marker_name' Shortcode Attribute
The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'markername' and 'filecolorlist' shortcode attribute of the osmmapv3 shortcode in all versions up to and including 6.1.15. This is due to insufficient input sanitization and output escaping. This mak...
CVE-2026-4429
The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'markername' and 'filecolorlist' shortcode attribute of the osmmapv3 shortcode in all versions up to and including 6.1.15. This is due to insufficient input sanitization and output escaping. This mak...
CVE-2026-4429
CVE-2026-4429 concerns the WordPress plugin OSM – OpenStreetMap (vulnerable up to 6.1.15). The flaw is a Stored Cross‑Site Scripting via the [osm_map_v3] shortcode attributes, specifically marker_name and file_color_list , due to insufficient input sanitization and output escaping. With authentic...
CVE-2026-25323 WordPress OSM plugin <= 6.1.12 - Broken Access Control vulnerability
Missing Authorization vulnerability in MiKa OSM osm allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects OSM: from n/a through = 6.1.12...
PT-2026-20693
Missing Authorization vulnerability in MiKa OSM osm allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects OSM: from n/a through = 6.1.12...
WordPress OSM plugin <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by Krzysztof Zając - CERT PL in WordPress Plugin OSM versions = 6.0.3...
WordPress OSM plugin <= 6.1.12 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin OSM versions = 6.1.12...
EUVD-2021-1155
Malware in sbrugna...
EUVD-2012-1657
Malware in sbrugna...
EUVD-2018-13826
Malware in sbrugna...
EUVD-2024-45860
Malicious code in bioql PyPI...
EUVD-2025-26176
Malicious code in bioql PyPI...
EUVD-2024-44265
Malicious code in bioql PyPI...
CVE-2025-8619
The OSM Map Widget for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Map Block URL in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-8619 OSM Map Widget for Elementor <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button URL
The OSM Map Widget for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Map Block URL in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-8619
The CVE-2025-8619 issue concerns the WordPress OSM Map Widget for Elementor plugin. A stored cross-site scripting flaw exists in the Map Block URL handling for all versions up to 1.3.0, caused by insufficient input sanitization and output escaping of user-supplied attributes. Authenticated attack...
PT-2025-35189
Name of the Vulnerable Software and Affected Versions: OSM Map Widget for Elementor plugin for WordPress versions prior to 1.3.1 Description: The OSM Map Widget for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting through the Map Block URL due to inadequate input...
WordPress OSM Map Widget for Elementor plugin <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button URL vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Button URL vulnerability discovered by zer0gh0st in WordPress Plugin OSM Map Widget for Elementor versions = 1.3.0...