CVE-2025-11703
- EPSS 0.03%
- Veröffentlicht 18.10.2025 06:42:46
- Zuletzt bearbeitet 21.10.2025 19:31:25
The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Cache Poisoning in all versions up to, and including, 9.0.48. This is due to the plugin not serving cached data from server-side responses and instead relying on user-inpu...
CVE-2025-11166
- EPSS 0.02%
- Veröffentlicht 09.10.2025 02:15:41
- Zuletzt bearbeitet 09.10.2025 15:50:04
The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in all versions up to, and including, 9.0.46. This is due to the plugin exposing state-changing REST actions through an AJAX bridge witho...
CVE-2023-6697
- EPSS 48.65%
- Veröffentlicht 24.01.2024 14:15:08
- Zuletzt bearbeitet 21.11.2024 08:44:23
The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the map id parameter in all versions up to, and including, 9.0.28 due to insufficient input sanitization and output escaping. This makes...