CVE-2025-9044
- EPSS 0.24%
- Veröffentlicht 26.09.2025 04:16:02
- Zuletzt bearbeitet 15.04.2026 00:35:42
The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple fields in versions up to, and including, 1.20.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated at...
CVE-2024-10592
- EPSS 0.77%
- Veröffentlicht 16.11.2024 10:15:04
- Zuletzt bearbeitet 15.04.2026 00:35:42
The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the popup class parameter in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping. This makes it possible for aut...
CVE-2024-9235
- EPSS 0.48%
- Veröffentlicht 25.10.2024 07:15:05
- Zuletzt bearbeitet 05.11.2024 17:36:01
The Mapster WP Maps plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to an insufficient capability check on the mapster_wp_maps_set_option_from_js() function in all versions up to, and ...
CVE-2024-21744
- EPSS 0.33%
- Veröffentlicht 08.01.2024 17:15:07
- Zuletzt bearbeitet 28.04.2026 19:23:09
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mapster Technology Inc. Mapster WP Maps allows Stored XSS.This issue affects Mapster WP Maps: from n/a through 1.2.38.