CVE-2026-25323 WordPress OSM plugin <= 6.1.12 - Broken Access Control vulnerability

Missing Authorization vulnerability in MiKa OSM osm allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects OSM: from n/a through = 6.1.12...

CVE-2025-31557 WordPress OSM plugin <= 6.1.13 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MiKa OSM osm allows DOM-Based XSS.This issue affects OSM: from n/a through = 6.1.13...