Vulnerabilities and security researches foropen-user-map open-user-map

Jun 06, 2024

CVE, Research URL: fa21f1aa178e8330d54157227f2ef6360279aa03
Home page URL: Security reports for Open User Map
Application: Open User Map
Date: Feb 28, 2022
Research Description: Open User Map [open-user-map] < 1.2.11 WordPress Open User Map | Everybody can add locations plugin < 1.2.11 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress Open User Map | Everybody can add locations plugin (versions < 1.2.11).
Affected versions: max 1.2.11.
Status: vulnerable

CVE, Research URL: CVE-2023-45056
Home page URL: Security reports for Open User Map
Application: Open User Map
Date: Oct 18, 2023
Research Description: Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in 100plugins Open User Map plugin <= 1.3.26 versions.
Affected versions: max 1.3.27.
Status: vulnerable

Nov 11, 2025

CVE, Research URL: CVE-2025-57953
Home page URL: Security reports for Open User Map
Application: Open User Map
Date: Sep 23, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 100plugins Open User Map allows DOM-Based XSS. This issue affects Open User Map: from n/a through 1.4.14.
Affected versions: max 1.4.14.
Status: vulnerable