cleantalk
Vulnerabilities and Security Researches

WordPress StoryMap Plugin, CVE-2025-52797

CVE, Research URL

CVE-2025-52797

Home page URL

Security reports for WordPress StoryMap Plugin

Application

WordPress StoryMap Plugin

Published on
Aug 15, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in josepsitjar StoryMap allows SQL Injection. This issue affects StoryMap: from n/a through 2.1.
Affected versions
Min -, max 2.1.
Status
vulnerable
Previous vulnerability researches
Hello Elementor (CVE-2024-31289) , Jun 10, 2024
New vulnerability
B Slider – Slider for your block editor (CVE-2025-8676) , Aug 16, 2025
B Slider – Slider for your block editor (CVE-2025-8680) , Aug 16, 2025
Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress (CVE-2025-55708) , Aug 16, 2025
WP Voting (CVE-2025-49057) , Aug 16, 2025
Simplified Plugin (CVE-2025-53241) , Aug 16, 2025