cleantalk
Vulnerabilities and Security Researches

Geo Mashup, CVE-2026-27427

CVE, Research URL

CVE-2026-27427

Home page URL

Security reports for Geo Mashup

Application

Geo Mashup

Published on
May 26, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dylan Kuhn Geo Mashup allows Stored XSS. This issue affects Geo Mashup: from n/a through 1.13.18.
Affected versions
max 1.13.19.
Status
vulnerable
Previous vulnerability researches
WP Newsletter Subscription (CVE-2024-44012) , Sep 28, 2024
New vulnerability
Active Products Tables for WooCommerce. Professional products tables for WooCommerce store  (CVE-2026-42727) , May 28, 2026
VikBooking Hotel Booking Engine & PMS (CVE-2026-42683) , May 28, 2026
Geo Mashup (CVE-2026-27427) , May 28, 2026
affiliate-toolkit – WordPress Affiliate Plugin (CVE-2026-6169) , May 28, 2026
WP Job Portal – A Complete Job Board (CVE-2026-42684) , May 28, 2026