cleantalk
Vulnerabilities and Security Researches

Maps – Google Maps, CVE-2025-2279

CVE, Research URL

CVE-2025-2279

Home page URL

Security reports for Maps – Google Maps

Application

Maps – Google Maps

Published on
Apr 04, 2025
Research Description
The Maps WordPress plugin through 1.0.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Affected versions
Min -, max 1.0.6.
Status
vulnerable
Previous vulnerability researches
Export All Posts, Products, Orders, Refunds & Users (CVE-2023-45066) , Jun 07, 2024
Export All Posts, Products, Orders, Refunds & Users (CVE-2016-11000) , Jun 07, 2024
Export All Posts, Products, Orders, Refunds & Users (CVE-2018-20968) , Jun 07, 2024
Export All Posts, Products, Orders, Refunds & Users (CVE-2023-2487) , Jun 07, 2024
Export All Posts, Products, Orders, Refunds & Users (CVE-2024-12315) , Feb 16, 2025
New vulnerability
Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links (CVE-2025-1264) , Apr 07, 2025
Advanced All in One Admin Search by WP Spotlight (CVE-2025-32261) , Apr 06, 2025
Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNC (CVE-2025-32219) , Apr 06, 2025
Salon booking system (CVE-2025-32220) , Apr 06, 2025
1 Click WordPress Migration Plugin – 100% FREE for a limited time (CVE-2025-32257) , Apr 06, 2025