WordPress MapPress Maps for WordPress plugin <= 2.97.3 - Cross Site Scripting (XSS) vulnerability

Description

Unauthenticated Cross Site Scripting (XSS) in MapPress Maps for WordPress <= 2.97.3 versions.

Vendor	Product	Versions
mappress	mappress maps for wordpress	n/a

Tier C

VulDB1d ago

→ No new info (linked only)

CVSS 3.17.1 HIGH

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

CISA KEV✅ Yes

Actively exploited✅ Yes

CWECWE-79

PublishedJun 26, 2026

Last enriched1d agov2

Trending Score82

Source articles1

Independent1

Info Completeness9/14

Missing: epss, exploit, patch, iocs, mitre_attack

0 upvotes0 downvotes

Last enriched 1d ago

v2Tier C1d ago

Updated description with more technical detail and corrected exploit availability to false.

description

via VulDB

v11d ago

Initial creation