216.73.217.64

CVE-2025-2055

· Published 03/04/2025 06:15 · Modified 03/04/2025 14:15

Labels: CVE-2025-2055 2025-04-03CVE-2025-2055[email protected]

Essential information

Published
03/04/2025 06:15
Modified
03/04/2025 14:15
Author
Creator
CVSS
6.8 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

CVSS metrics

Description

The MapPress Maps for WordPress plugin before 2.94.9 does not sanitise and escape some parameters when outputing them in the page, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
wordPress / mappress maps cpe:2.3:a:wordPress:mappress_maps:*:*:*:*:*:wordpress:*:*
wordPress / mappress maps cpe:2.3:a:wordPress:mappress_maps:2.94.9:*:*:*:*:*:*:*

References