VYPR
Vendor

Cyberhobo

Products
2
CVEs
5
Across products
5
Status
Private

Products

2

Recent CVEs

5
  • CVE-2025-48293CriAug 14, 2025
    risk 0.64cvss 9.8epss 0.00

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Dylan Kuhn Geo Mashup geo-mashup allows PHP Local File Inclusion.This issue affects Geo Mashup: from n/a through <= 1.13.16.

  • CVE-2018-14071CriJul 16, 2018
    risk 0.57cvss 9.8epss 0.03

    The Geo Mashup plugin before 1.10.4 for WordPress has insufficient sanitization of post editor and other user input.

  • CVE-2026-6457MedMay 2, 2026
    risk 0.35cvss 6.5epss 0.00

    The Geo Mashup plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'geo_mashup_null_fields' parameter in all versions up to, and including, 1.13.19 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the…

  • CVE-2024-44008MedSep 17, 2024
    risk 0.35cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dylan Kuhn Geo Mashup geo-mashup allows Stored XSS.This issue affects Geo Mashup: from n/a through <= 1.13.12.

  • CVE-2015-1383Feb 2, 2015
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the geo search widget in the Geo Mashup plugin before 1.8.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the search key.