cleantalk
Vulnerabilities and Security Researches

Arrow Maps – Custom Maps for WordPress, CVE-2025-28858

CVE, Research URL

CVE-2025-28858

Home page URL

Security reports for Arrow Maps – Custom Maps for WordPress

Application

Arrow Maps – Custom Maps for WordPress

Published on
Mar 26, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arrow Plugins Arrow Maps allows Reflected XSS. This issue affects Arrow Maps: from n/a through 1.0.9.
Affected versions
Min -, max 1.0.9.
Status
vulnerable
Previous vulnerability researches
Arrow Maps – Custom Maps for WordPress (CVE-2025-28858) , Mar 28, 2025
New vulnerability
ContentMX Content Publisher (CVE-2025-31555) , Apr 03, 2025
Float menu – awesome floating side menu (CVE-2025-30912) , Apr 03, 2025
Exit Popup Free (CVE-2025-31591) , Apr 03, 2025
Advanced Post Search (CVE-2025-30548) , Apr 03, 2025
Leaky Paywall (CVE-2025-31083) , Apr 03, 2025