Unrated severityNVD Advisory· Published Apr 4, 2025· Updated Apr 4, 2025
Maps - Google Maps <= 1.0.6 - Contributor+ Stored XSS
CVE-2025-2279
Description
The Maps WordPress plugin through 1.0.6 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/cd87d7ba-86e9-45b6-a3cd-11f6486f0bd0/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.