CVE-2026-33559

NONE

Risk Signal Score0/100 — NIEDRIG

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

Beschreibung

WordPress Plugin "OpenStreetMap" provided by MiKa contains a cross-site scripting vulnerability. On the site with the affected version of the plugin enabled, a logged-in user with a page-creating/editing privilege can embed some malicious script with a crafted HTTP request. When a victim user accesses this page, the script may be executed in the user's web browser.

Referenzen

https://jvn.jp/en/jp/JVN48058823/
https://wordpress.org/plugins/osm/