cleantalk
Vulnerabilities and Security Researches

MapifyLite (by MapifyPro), 6be590d56cf666ad67a6e008b71242e607d966ea

CVE, Research URL

6be590d56cf666ad67a6e008b71242e607d966ea

Home page URL

Security reports for MapifyLite (by MapifyPro)

Application

MapifyLite (by MapifyPro)

Published on
Mar 24, 2021
Research Description
MapifyLite (by MapifyPro) [mapifylite] < 4.0.0 MapifyLite and MapifyPro <= 3.3 - Authenticated Stored Cross-Site Scripting The MapifyLite and MapifyPro plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.3 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
max 4.0.0.
Status
vulnerable
Previous vulnerability researches
My auctions allegro (CVE-2025-27009) , Apr 16, 2025
My auctions allegro (CVE-2024-11707) , Dec 06, 2024
My auctions allegro (CVE-2025-68567) , Jan 10, 2026
My auctions allegro (CVE-2025-68566) , Jan 10, 2026
My auctions allegro (CVE-2025-12851) , Dec 10, 2025
New vulnerability
Attendance Manager (d61a53a5132d4f127db04c355b728189ae540eb5) , Jun 16, 2026
Slider Hero with Animation, Video Background (e03420c55099714ac90da016761d318e5e1cb6db) , Jun 16, 2026
Slider Hero with Animation, Video Background (ec2738226d537a4c17dbff19a2e826361834f640) , Jun 16, 2026
Slider Hero with Animation, Video Background (20851a18-8309-4405-b85c-acaa047effa7) , Jun 16, 2026
Profile Extra Fields by BestWebSoft (588989ab-fc51-4477-9b4b-ebcfdba33bd6) , Jun 16, 2026