CVE-2025-2055
MapPress Maps for WordPress < 2.94.9 - Contributor+ Stored XSS
The MapPress Maps for WordPress plugin before 2.94.9 does not sanitise and escape some parameters when outputing them in the page, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks.
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Produtos afetados
Unknown · MapPress Maps for WordPressQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →