WP Go Maps <= 9.0.29 - Cross-Site Scripting

WP Go Maps formerly WP Google Maps plugin for WordPress versions before 9.0.30 is vulnerable to Reflected Cross-Site Scripting via the 'mapid' parameter in the admin map edit page. id: CVE-2024-29931 info: name: WP Go Maps = 9.0.29 - Cross-Site Scripting author: Shivam Kamboj severity: medium...

WP Google Maps < 7.10.43 - Cross-Site Scripting

The wp-google-maps plugin before 7.10.43 for WordPress has XSS via the wp-admin/admin.php PATHINFO. id: CVE-2019-9912 info: name: WP Google Maps 7.10.43 - Cross-Site Scripting author: ritikchaddha severity: medium description: | The wp-google-maps plugin before 7.10.43 for WordPress has XSS via t...

WP Google Maps < 9.0.48 - Cross-Site Scripting

WP Google Maps WordPress plugin 9.0.48 contains a stored XSS vulnerability caused by unsanitized user input in AJAX actions, letting unauthenticated attackers execute scripts via stored payloads. id: CVE-2025-11307 info: name: WP Google Maps 9.0.48 - Cross-Site Scripting author: 0xAkoko severity:...

EUVD-2021-11295

Malware in sbrugna...

EUVD-2019-5924

Malware in sbrugna...

EUVD-2021-23446

Malware in sbrugna...

EUVD-2019-19267

Malware in sbrugna...

EUVD-2014-7059

Malware in sbrugna...

EUVD-2021-23447

Malware in sbrugna...

EUVD-2024-26905

Malicious code in bioql PyPI...

CVE-2019-10692

In the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT statement...

CVE-2019-9912

The wp-google-maps plugin before 7.10.43 for WordPress has XSS via the wp-admin/admin.php PATHINFO...

CVE-2019-14792

The WP Google Maps plugin before 7.11.35 for WordPress allows XSS via the wp-admin/ rectanglename or rectangleopacity parameter...

CVE-2024-13306 WP Google Map < 1.9.4 - Admin+ Stored XSS

The Maps Plugin using Google Maps for WordPress WordPress plugin before 1.9.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

CVE-2025-24742 WordPress WP Google Maps plugin <= 9.0.40 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in WPGMaps WP Go Maps wp-google-maps.This issue affects WP Go Maps: from n/a through = 9.0.40...

CVE-2025-24742 WordPress WP Google Maps plugin <= 9.0.40 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in WPGMaps WP Go Maps wp-google-maps.This issue affects WP Go Maps: from n/a through = 9.0.40...

WordPress WP Go Maps Plugin <= 9.0.36 is vulnerable to Cross Site Scripting (XSS)

Software WP Go Maps Type Plugin Vulnerable versions = 9.0.36 Fixed in 9.0.37 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3557 Patch priority Low CVSS severity Low 6.5 Developer WP Go Maps PSID 5d4346327305 Credits Thanh Nam Tran Required privileg...

WordPress WP Go Maps Plugin <= 9.0.34 is vulnerable to Sensitive Data Exposure

Software WP Go Maps Type Plugin Vulnerable versions = 9.0.34 Fixed in 9.0.35 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-6777 Patch priority Low CVSS severity Low 5.3 Developer WP Go Maps PSID 29a9582f397d Credits WordFence Required privilege...

WP Google Maps < 9.0.30 - Reflected Cross-Site Scripting

Description The plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an...

WordPress WP Go Maps Plugin <= 9.0.29 is vulnerable to Cross Site Scripting (XSS)

Software WP Go Maps Type Plugin Vulnerable versions = 9.0.29 Fixed in 9.0.30 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29931 Patch priority Medium CVSS severity Medium 7.1 Developer WP Go Maps PSID ec3cfcab7699 Credits Rafie Muhammad Patchstack Required...