What is the CVSS score of EUVD-2026-36697?

EUVD-2026-36697 has a CVSS 3.1 base score of 5.3 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N. EPSS exploitation probability: 0.1%.

Is there a public PoC exploit available for EUVD-2026-36697?

Yes, a public proof-of-concept exploit is available for EUVD-2026-36697. Prioritise patching immediately. EPSS: 0.1%.

Is there a patch available for EUVD-2026-36697?

Yes, a patch is available for EUVD-2026-36697. Update the affected software to the latest version immediately.

Wp Go Maps EUVD-2026-36697

| CVE-2026-8385 MEDIUM

Information Exposure (CWE-200)

2026-06-15 WPScan

GHSA-f9fr-2hr3-67mf

WordPress Information Disclosure Wp Go Maps

5.3

CVSS 3.1 · Vendor: WPScan

Severity by source

Vendor (WPScan) PRIMARY

5.3 MEDIUM

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Primary rating from Vendor (WPScan) · only source for this CVE.

CVSS VectorVendor: WPScan

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Lifecycle Timeline

Patch available

Jun 15, 2026 - 09:01 EUVD

CVE Published

Jun 15, 2026 - 06:00 cve.org

UNKNOWN (no severity yet)

DescriptionCVE.org

The WP Go Maps WordPress plugin before 10.0.10 does not properly enforce the marker approval filter on the admin-ajax fallback for its datatables route, allowing unauthenticated visitors to retrieve marker records that the site owner has not approved for public display, including their title, category, address and description fields.