CVE-2025-13958 | YaMaps Plugin up to 0.6.39 on WordPress Shortcode cross site scripting

Inserito da Angelo Barbosa | Dic 29, 2025 | CVE

A vulnerability marked as problematic has been reported in YaMaps Plugin up to 0.6.39 on WordPress. This affects an unknown part of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is referenced as CVE-2025-13958. Remote exploitation of the attack is possible. No exploit is available.

It is suggested to upgrade the affected component.

CVE-2025-13958 | YaMaps Plugin up to 0.6.39 on WordPress Shortcode cross site scripting

Post correlati

CVE-2025-24600 | David F. Carr RSVPMarker Plugin up to 11.4.5 on WordPress authorization

CVE-2023-6467 | Thecosy IceCMS 2.0.1 Comment Like improper enforcement of a single, unique action

CVE-2024-25965 | Dell PowerScale OneFS up to 9.3.0.0/9.4.0.17/9.5.0.7/9.7.0.1/9.7.0.2 file inclusion (dsa-2024-163)

CVE-2025-1964 | projectworlds Online Hotel Booking 1.0 booknow.php?roomname=Duplex checkin sql injection