Product
mappresspro mappress
12 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-8620
CVE-2025-2162
CVE-2025-2055
CVE-2024-10715
CVE-2023-7225
CVE-2023-6524
CVE-2023-26015
CVE-2023-4840
CVE-2022-0537
CVE-2022-0208
CVE-2020-12675
CVE-2020-12077
< 2.93
The MapPress Maps for WordPress plugin before 2.93 does not sanitise and escape some of its settings, which could allow high privi
< 2.94.10
The MapPress Maps for WordPress plugin before 2.94.10 does not sanitise and escape some of its settings, which could allow high pr
< 2.94.9
The MapPress Maps for WordPress plugin before 2.94.9 does not sanitise and escape some parameters when outputing them in the page,
< 2.94.2
The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Map block in al
<= 2.88.16
The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the width and height paramet
< 2.88.14
The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the map title parameter in a
<= 2.85.4
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Chris Richardson MapPress Ma
<= 2.88.4
The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'mappress' shortcode in vers
< 2.73.13
The MapPress Maps for WordPress plugin before 2.73.13 allows a high privileged user to bypass the DISALLOW_FILE_EDIT and DISALLOW_
< 2.73.4
The MapPress Maps for WordPress plugin before 2.73.4 does not sanitise and escape the mapid parameter before outputting it back in
< 2.54.6
The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX
< 2.53.9
The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPress does not correctly implement AJAX functions with nonces