What is the CVSS score of EUVD-2026-36698?

EUVD-2026-36698 has a CVSS 3.1 base score of 5.3 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N. EPSS exploitation probability: 0.1%.

Is there a public PoC exploit available for EUVD-2026-36698?

Yes, a public proof-of-concept exploit is available for EUVD-2026-36698. Prioritise patching immediately. EPSS: 0.1%.

Is there a patch available for EUVD-2026-36698?

Yes, a patch is available for EUVD-2026-36698. Update the affected software to the latest version immediately.

Wp Go Maps EUVD-2026-36698

| CVE-2026-8386 MEDIUM

2026-06-15 WPScan

GHSA-7gcf-rrgh-pw4q

WordPress Information Disclosure Wp Go Maps

5.3

CVSS 3.1 · Vendor: WPScan

Severity by source

Vendor (WPScan) PRIMARY

5.3 MEDIUM

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Primary rating from Vendor (WPScan) · only source for this CVE.

CVSS VectorVendor: WPScan

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Lifecycle Timeline

Patch available

Jun 15, 2026 - 09:01 EUVD

CVE Published

Jun 15, 2026 - 06:00 cve.org

UNKNOWN (no severity yet)

DescriptionCVE.org

The WP Go Maps WordPress plugin before 10.0.10 does not perform any approval-state filtering on its public single-marker REST endpoint, allowing unauthenticated users to retrieve marker records that an administrator has not yet approved for public display, including any PII placed in the address and description fields and the marker's geographic coordinates.