VYPR
High severity7.5NVD Advisory· Published May 18, 2026· Updated May 18, 2026

CVE-2026-6381

CVE-2026-6381

Description

The WP Maps WordPress plugin before 4.9.3 does not properly sanitize a parameter before using it in a file path, allowing authenticated users to perform Local File Inclusion attacks.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Patches

Vulnerability mechanics

References

1

News mentions

1