Skip to main content

Google Maps Cp

2 CVEs product

Monthly

CVE-2026-57670 HIGH This Week

Stored/reflected Cross-Site Scripting in the Google Maps CP WordPress plugin (versions 1.2.5 and earlier, vendor CodePeople) lets an unauthenticated attacker inject malicious script that executes in a victim's browser after they interact with a crafted link or page. The flaw carries a CVSS 3.1 base score of 7.1 with a scope change, reflecting impact beyond the vulnerable component into the wider WordPress session. No public exploit identified at time of analysis, and it is not listed in CISA KEV.

XSS Google Google Maps Cp
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-25039 MEDIUM This Month

Missing Authorization vulnerability in CodePeople Google Maps CP.0.43. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Authentication Bypass Google Maps Cp
NVD
CVSS 3.1
4.3
EPSS
0.1%
EPSS 0% CVSS 7.1
HIGH This Week

Stored/reflected Cross-Site Scripting in the Google Maps CP WordPress plugin (versions 1.2.5 and earlier, vendor CodePeople) lets an unauthenticated attacker inject malicious script that executes in a victim's browser after they interact with a crafted link or page. The flaw carries a CVSS 3.1 base score of 7.1 with a scope change, reflecting impact beyond the vulnerable component into the wider WordPress session. No public exploit identified at time of analysis, and it is not listed in CISA KEV.

XSS Google Google Maps Cp
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Missing Authorization vulnerability in CodePeople Google Maps CP.0.43. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Authentication Bypass Google Maps Cp
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy