cleantalk
Vulnerabilities and Security Researches

Geo Mashup, CVE-2026-27427

CVE, Research URL

CVE-2026-27427

Home page URL

Security reports for Geo Mashup

Application

Geo Mashup

Published on
May 26, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dylan Kuhn Geo Mashup allows Stored XSS. This issue affects Geo Mashup: from n/a through 1.13.18.
Affected versions
max 1.13.19.
Status
vulnerable
Previous vulnerability researches
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2026-39564) , Apr 14, 2026
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2024-44038) , Sep 28, 2024
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2026-24994) , Feb 28, 2026
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2025-67973) , Feb 28, 2026
Sunshine Photo Cart: Free Client Galleries for Photographers (CVE-2024-43971) , Sep 01, 2024
New vulnerability
WordPress Tour & Travel Booking Plugin for WooCommerce – WpTravelly (CVE-2026-27331) , May 28, 2026
auto making JSON-LD (CVE-2026-8938) , May 28, 2026
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2026-7797) , May 28, 2026
Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin (CVE-2026-6937) , May 28, 2026
jQuery googleslides (CVE-2026-8866) , May 28, 2026