| CVE-2024-3681 | Interactive World Maps <= 2.4.14 - Reflected Cross-Site Scripting | cmoreira | Interactive World Maps | Medium | 6.1 | 2024-05-02 16:57:17 | Deep Dive |
| CVE-2024-3670 | Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) <= 3.12.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | harmr | Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) | Medium | 6.4 | 2024-05-02 16:52:10 | Deep Dive |
| CVE-2024-31269 | WordPress Easy Google Maps plugin <= 1.11.11 - Cross Site Request Forgery (CSRF) vulnerability | Supsystic | Easy Google Maps | Medium | 4.3 | 2024-04-12 12:41:13 | Deep Dive |
| CVE-2024-31271 | WordPress Ultimate Maps plugin <= 1.2.16 - Cross Site Request Forgery vulnerability | Supsystic | Ultimate Maps by Supsystic | Medium | 4.3 | 2024-04-12 12:40:09 | Deep Dive |
| CVE-2024-3244 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-04-09 18:59:00 | Deep Dive |
| CVE-2023-6777 | WP Go Maps (formerly WP Google Maps) <= 9.0.34 - Information Exposure to Potential Denial of Service | wpgmaps | WP Go Maps (formerly WP Google Maps) | Medium | 5.3 | 2024-04-09 18:58:48 | Deep Dive |
| CVE-2024-3245 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Youtube Block | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-04-06 02:32:04 | Deep Dive |
| CVE-2024-31116 | WordPress 10Web Map Builder for Google Maps plugin <= 1.0.74 - SQL Injection vulnerability | 10Web | 10Web Map Builder for Google Maps | High | 7.6 | 2024-03-31 18:15:04 | Deep Dive |
| CVE-2024-29931 | WordPress WP Go Maps plugin <= 9.0.29 - Reflected Cross Site Scripting (XSS) vulnerability | WPGMaps | WP Go Maps | High | 7.1 | 2024-03-27 10:10:04 | Deep Dive |
| CVE-2023-25039 | WordPress Google Maps CP plugin <= 1.0.43 - Missing Authorization Leading To Feedback Submission Vulnerability | CodePeople | Google Maps CP | Medium | 4.3 | 2024-03-25 11:46:49 | Deep Dive |
| CVE-2024-2468 | EmbedPress <= 3.9.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via Widget Attribute | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-03-23 02:32:56 | Deep Dive |
| CVE-2024-2688 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.12 - Authenticated (Contributor+) Stored Cross-site Scripting via 'embedpress_doc_custom_color' | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 5.4 | 2024-03-23 02:32:56 | Deep Dive |
| CVE-2024-1582 | WP Go Maps (formerly WP Google Maps) <= 9.0.32 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | wpgmaps | WP Go Maps (formerly WP Google Maps) | Medium | 6.4 | 2024-03-13 01:57:28 | Deep Dive |
| CVE-2023-4839 | WP Go Maps <= 9.0.32 - Authenticated (Administrator+) Stored Cross-Site Scripting | wpgmaps | WP Go Maps (formerly WP Google Maps) | Medium | 4.4 | 2024-03-13 01:57:27 | Deep Dive |
| CVE-2024-1802 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Wistia Block | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-03-07 20:33:26 | Deep Dive |
| CVE-2024-2128 | EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via EmbedPress PDF Widget | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-03-07 19:32:59 | Deep Dive |
| CVE-2024-1349 | EmbedPress <= 3.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-02-20 18:56:32 | Deep Dive |
| CVE-2024-1425 | EmbedPress <= 3.9.8 - Authenticated(Contributor+) Stored Cross-Site Scripting via Google Calendar Widget Link | wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more | Medium | 6.4 | 2024-02-20 18:56:31 | Deep Dive |
| CVE-2024-0420 | MapPress Maps for WordPress < 2.88.15 - Contributor+ Stored XSS | Unknown | MapPress Maps for WordPress | 中危 | - | 2024-02-12 16:05:59 | Deep Dive |
| CVE-2024-0421 | MapPress Maps for WordPress < 2.88.16 - Unauthenticated Arbitrary Private/Draft Post Disclosure | Unknown | MapPress Maps for WordPress | 中危 | - | 2024-02-12 16:05:58 | Deep Dive |