CVE-2024-52355
- EPSS 0.2%
- Veröffentlicht 11.11.2024 07:15:07
- Zuletzt bearbeitet 01.04.2026 16:20:09
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MiKa OSM osm.This issue affects OSM: from n/a through <= 6.1.2.
CVE-2024-8991
- EPSS 1.45%
- Veröffentlicht 27.09.2024 07:15:05
- Zuletzt bearbeitet 04.10.2024 18:56:30
The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's osm_map and osm_map_v3 shortcodes in all versions up to, and including, 6.1.0 due to insufficient input sanitization and output escaping on use...
CVE-2024-3604
- EPSS 0.77%
- Veröffentlicht 09.07.2024 09:15:05
- Zuletzt bearbeitet 08.04.2026 19:21:24
The OSM – OpenStreetMap plugin for WordPress is vulnerable to SQL Injection via the 'tagged_filter' attribute of the 'osm_map_v3' shortcode in all versions up to, and including, 6.0.3 due to insufficient escaping on the user supplied parameter and la...
CVE-2024-3603
- EPSS 0.4%
- Veröffentlicht 09.07.2024 09:15:04
- Zuletzt bearbeitet 08.04.2026 18:21:28
The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'osm_map' shortcode in all versions up to, and including, 6.0.3 due to insufficient input sanitization and output escaping on user supplied att...
CVE-2022-30544
- EPSS 0.11%
- Veröffentlicht 17.01.2023 05:15:12
- Zuletzt bearbeitet 21.11.2024 07:02:54
Cross-Site Request Forgery (CSRF) in MiKa's OSM – OpenStreetMap plugin <= 6.0.1 versions.