Unrated severityNVD Advisory· Published May 21, 2012· Updated Jun 16, 2026
CVE-2012-2913
CVE-2012-2913
Description
Multiple cross-site scripting (XSS) vulnerabilities in the Leaflet plugin 0.0.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) leaflet_layer.php or (2) leaflet_marker.php, as reachable through wp-admin/admin.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:mapsmarker:leaflet_maps_marker_plugin:0.0.1:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.