Medium severity5.4NVD Advisory· Published Mar 27, 2026· Updated May 19, 2026
CVE-2026-33559
CVE-2026-33559
Description
WordPress Plugin "OpenStreetMap" provided by MiKa contains a cross-site scripting vulnerability. On the site with the affected version of the plugin enabled, a logged-in user with a page-creating/editing privilege can embed some malicious script with a crafted HTTP request. When a victim user accesses this page, the script may be executed in the user's web browser.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- MiKa/OpenStreetMapv5Range: prior to 6.1.15
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.