Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

maps

Source -

ADPNVD

CNA CVEs -

0

ADP CVEs -

1

CISA CVEs -

0

NVD CVEs -

2
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2025-2279
Assigner-WPScan
ShareView Details
Assigner-WPScan
CVSS Score-5.9||MEDIUM
EPSS-0.08% / 23.29%
||
7 Day CHG~0.00%
Published-04 Apr, 2025 | 06:00
Updated-29 Apr, 2025 | 19:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Maps - Google Maps <= 1.0.6 - Contributor+ Stored XSS

The Maps WordPress plugin through 1.0.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

Action-Not Available
Vendor-robosoftUnknown
Product-mapsMaps
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-53307
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.04% / 10.74%
||
7 Day CHG~0.00%
Published-10 Mar, 2025 | 00:00
Updated-23 Jun, 2025 | 20:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A reflected cross-site scripting (XSS) vulnerability in the /mw/ endpoint of Evisions MAPS v6.10.2.267 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.

Action-Not Available
Vendor-evisionsn/a
Product-mapsn/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-1286
Assigner-WPScan
ShareView Details
Assigner-WPScan
CVSS Score-4.9||MEDIUM
EPSS-0.11% / 30.46%
||
7 Day CHG~0.00%
Published-30 Jul, 2024 | 06:00
Updated-29 Aug, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Paid Memberships Pro - Membership Maps Add On < 0.7 - Contributor+ Sensitive Information Disclosure

The pmpro-membership-maps WordPress plugin before 0.7 does not prevent users with at least the contributor role from leaking sensitive information about users with a membership on the site.

Action-Not Available
Vendor-strangerstudiosUnknownpaidmembershipspro
Product-paid_memberships_propmpro-membership-mapsmaps
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key