| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-32179 | WordPress Maps for WP Plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability | icopydoc | Maps for WP | Medium | 6.5 | 2025-04-04 15:58:56 | Deep Dive |
| CVE-2025-32138 | WordPress Easy Google Maps plugin <= 1.11.18 - XML External Entity vulnerability | supsystic | Easy Google Maps | Medium | 6.6 | 2025-04-04 15:58:32 | Deep Dive |
| CVE-2025-2279 | Maps - Google Maps <= 1.0.6 - Contributor+ Stored XSS | Unknown | Maps | - | - | 2025-04-04 06:00:05 | Deep Dive |
| CVE-2025-2055 | MapPress Maps for WordPress < 2.94.9 - Contributor+ Stored XSS | Unknown | MapPress Maps for WordPress | - | - | 2025-04-03 06:00:05 | Deep Dive |
| CVE-2025-28858 | WordPress Arrow Maps plugin <= 1.0.9 - Reflected Cross Site Scripting (XSS) vulnerability | Arrow Plugins | Arrow Maps | - | - | 2025-03-26 14:24:22 | Deep Dive |
| CVE-2024-13781 | Hero Maps Premium - Customizable Google Maps Plugin <= 2.3.9 - Authenticated (Subscriber+) SQL Injection | Hero Plugins | Hero Maps Premium | Medium | 6.5 | 2025-03-07 08:21:26 | Deep Dive |
| CVE-2025-27278 | WordPress AcuGIS Leaflet Maps Plugin <= 5.1.1.0 - Multiple Cross Site Scripting (XSS) vulnerabilities | David Ghedini | AcuGIS Leaflet Maps | High | 7.1 | 2025-03-03 13:30:31 | Deep Dive |
| CVE-2025-27265 | WordPress Google Maps for WordPress plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability | Aaron D. Campbell | Google Maps for WordPress | Medium | 6.5 | 2025-02-24 14:48:45 | Deep Dive |
| CVE-2024-13648 | Maps for WP <= 1.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | icopydoc | Maps for WP | Medium | 6.4 | 2025-02-21 09:21:06 | Deep Dive |
| CVE-2024-13306 | WP Google Map < 1.9.4 - Admin+ Stored XSS | Unknown | Maps Plugin using Google Maps for WordPress | 中危 | - | 2025-02-15 06:00:11 | Deep Dive |
| CVE-2024-13208 | WP Google Map < 1.9.4 - Admin+ Stored XSS | Unknown | Maps Plugin using Google Maps for WordPress | 中危 | - | 2025-02-15 06:00:09 | Deep Dive |
| CVE-2025-24742 | WordPress WP Google Maps plugin <= 9.0.40 - Cross Site Request Forgery (CSRF) vulnerability | WPGMaps | WP Go Maps | Medium | 4.3 | 2025-01-27 14:22:19 | Deep Dive |
| CVE-2024-13542 | WP Google Street View (with 360° virtual tour) & Google maps + Local SEO <= 1.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | pagup | WP Google Street View (with 360° virtual tour) & Google maps + Local SEO | Medium | 6.4 | 2025-01-24 11:07:32 | Deep Dive |
| CVE-2025-23935 | WordPress Magic Google Maps plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability | Fengler | Magic Google Maps | Medium | 6.5 | 2025-01-16 20:08:00 | Deep Dive |
| CVE-2025-23871 | WordPress LSD Google Maps Embedder plugin <= 1.1 - CSRF to Stored XSS vulnerability | Bas Matthee | LSD Google Maps Embedder | High | 7.1 | 2025-01-16 20:07:29 | Deep Dive |
| CVE-2025-22329 | WordPress Free Google Maps plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability | Agile Logix | Free Google Maps | Medium | 6.5 | 2025-01-15 15:23:39 | Deep Dive |
| CVE-2025-22537 | WordPress Google Maps Travel Route Plugin <= 1.3.1 - SQL Injection vulnerability | traveller11 | Google Maps Travel Route | High | 8.5 | 2025-01-09 15:39:26 | Deep Dive |
| CVE-2023-45272 | WordPress 10Web Map Builder for Google Maps plugin <= 1.0.73 - Notice Dismissal Vulnerability | 10Web | 10Web Map Builder for Google Maps | Medium | 5.4 | 2025-01-02 14:53:25 | Deep Dive |
| CVE-2024-56240 | WordPress Pronamic Google Maps plugin <= 2.3.2 - Cross Site Scripting (XSS) vulnerability | Pronamic | Pronamic Google Maps | Medium | 6.5 | 2025-01-02 12:01:17 | Deep Dive |
| CVE-2024-12571 | Store Locator <= 3.98.10 - Unauthenticated Local File Inclusion | moaluko | Store Locator for WordPress with Google Maps – LotsOfLocales | Critical | 9.8 | 2024-12-20 06:59:06 | Deep Dive |