OSM – OpenStreetMap — Vulnerabilities & Security Advisories 5

All 5 CVE vulnerabilities found in OSM – OpenStreetMap, with AI-generated Chinese analysis, references, and POCs.

Vendor: MiKa

CVE ID	Title	CVSS	Severity	Published
CVE-2026-4429	OSM <= 6.1.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'marker_name' Shortcode Attribute CWE-79	6.4	Medium	2026-04-09
CVE-2024-8991	OSM <= 6.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via osm_map and osm_map_v3 Shortcodes CWE-79	6.4	Medium	2024-09-27
CVE-2024-3604	OSM – OpenStreetMap <= 6.0.3 - Authenticated (Contributor+) SQL Injection CWE-89	9.9	Critical	2024-07-09
CVE-2024-3603	OSM – OpenStreetMap <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CWE-79	6.4	Medium	2024-07-09
CVE-2022-30544	WordPress OSM – OpenStreetMap Plugin <= 6.0.1 is vulnerable to Cross Site Request Forgery (CSRF) CWE-352	4.3	Medium	2023-01-17

All 5 known CVE vulnerabilities affecting OSM – OpenStreetMap with full Chinese analysis, references, and POCs where available.