cleantalk
Vulnerabilities and Security Researches

WordPress StoryMap Plugin, CVE-2025-52797

CVE, Research URL

CVE-2025-52797

Home page URL

Security reports for WordPress StoryMap Plugin

Application

WordPress StoryMap Plugin

Published on
Aug 15, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in josepsitjar StoryMap allows SQL Injection. This issue affects StoryMap: from n/a through 2.1.
Affected versions
Min -, max 2.1.
Status
vulnerable
Previous vulnerability researches
eHive Account Details (5a1ac2bfb25451558629aa1cce94249ff4f9b6f4) , Jun 07, 2024
eHive Account Details (CVE-2013-6837) , Jun 07, 2024
New vulnerability
Inspectlet – User Session Recording and Heatmaps (CVE-2025-49048) , Aug 16, 2025
B Slider – Slider for your block editor (CVE-2025-8676) , Aug 16, 2025
B Slider – Slider for your block editor (CVE-2025-8680) , Aug 16, 2025
Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress (CVE-2025-55708) , Aug 16, 2025
WP Voting (CVE-2025-49057) , Aug 16, 2025