| CVE-2024-56011 | WordPress Responsive Google Maps | by imbaa plugin <= 1.2.5 - Stored Cross Site Scripting (XSS) vulnerability | Ilja Zaglov | Responsive Google Maps | by imbaa | Medium | 6.5 | 2024-12-16 14:14:15 | Deep Dive |
| CVE-2024-11203 | EmbedPress – Embed PDF, 3D Flipbook, Social Feeds, Google Docs, Vimeo, Wistia, YouTube Videos, Audios, Google Maps in Gutenberg Block & Elementor <= 4.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'provider_name' | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-11-28 08:47:31 | Deep Dive |
| CVE-2024-51901 | WordPress Smooth Maps plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability | Flow Byte | Smooth Maps | Medium | 6.5 | 2024-11-19 16:31:08 | Deep Dive |
| CVE-2024-10592 | Mapster WP Maps <= 1.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | mapster | Mapster WP Maps | Medium | 6.4 | 2024-11-16 09:36:35 | Deep Dive |
| CVE-2024-10621 | Simple Shortcode for Google Maps <= 1.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | fullworks | Simple Shortcode for Google Maps | Medium | 6.4 | 2024-11-08 05:31:13 | Deep Dive |
| CVE-2024-10715 | MapPress Maps for WordPress <= 2.94.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Map Block | chrisvrichardson | MapPress Maps for WordPress | Medium | 6.4 | 2024-11-06 11:00:29 | Deep Dive |
| CVE-2024-9235 | Mapster WP Maps <= 1.5.0 - Incorrect Authorization to Authenticated (Contributor+) Arbitrary Options Update | mapster | Mapster WP Maps | High | 8.8 | 2024-10-25 06:51:26 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-9028 | WP GPX Maps <= 1.7.08 - Authenticated (Contributor+) Stored Cross-Site Scripting via sgpx Shortcode | bastianonm | WP GPX Maps | Medium | 6.4 | 2024-09-25 02:05:19 | Deep Dive |
| CVE-2024-8622 | amCharts: Charts and Maps <= 1.4.4 - Reflected Cross-Site Scripting via Cross-Site Request Forgery | martynasma | amCharts: Charts and Maps | Medium | 6.1 | 2024-09-12 08:30:45 | Deep Dive |
| CVE-2024-1286 | Paid Memberships Pro - Membership Maps Add On < 0.7 - Contributor+ Sensitive Information Disclosure | Unknown | pmpro-membership-maps | - | - | 2024-07-30 06:00:05 | Deep Dive |
| CVE-2024-38782 | WordPress Leaflet Maps Marker plugin <= 3.12.9 - Cross Site Scripting (XSS) vulnerability | MapsMarker.com e.U. | Leaflet Maps Marker | Medium | 6.5 | 2024-07-21 21:13:35 | Deep Dive |
| CVE-2024-5219 | Easy Google Maps <= 1.11.15 - Authenticated (Author+) Stored Cross-Site Scripting | supsysticcom | Easy Google Maps | Medium | 6.4 | 2024-07-02 06:49:44 | Deep Dive |
| CVE-2024-2386 | WordPress Plugin for Google Maps – WP MAPS <= 4.6.1 - Authenticated (Contributor+) SQL Injection | flippercode | WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters | High | 8.8 | 2024-06-29 13:00:06 | Deep Dive |
| CVE-2024-5994 | WP Go Maps (formerly WP Google Maps) <= 9.0.38 - Authenticated (Contributor+) Stored Cross-Site Scripting | wpgmaps | WP Go Maps (formerly WP Google Maps) | Medium | 6.4 | 2024-06-14 06:53:29 | Deep Dive |
| CVE-2024-1565 | EmbedPress <= 3.9.10 - Authenticated(Contributor+) Stored Cross-Site Scripting via PDF Widget URL | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-06-13 08:31:32 | Deep Dive |
| CVE-2024-5571 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via EmbedPress PDF Widget | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-06-05 08:33:16 | Deep Dive |
| CVE-2024-3557 | WP Go Maps (formerly WP Google Maps) <= 9.0.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | wpgmaps | WP Go Maps (formerly WP Google Maps) | Medium | 6.4 | 2024-05-24 04:29:59 | Deep Dive |
| CVE-2024-1803 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.12 - Insufficient Authorization Checks to Block Usual | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 4.3 | 2024-05-23 12:43:29 | Deep Dive |
| CVE-2024-4316 | EmbedPress Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-05-09 20:03:23 | Deep Dive |