100Plugins Open User Map vulnerabilities
4 known vulnerabilities affecting 100plugins/open_user_map.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2025-68002P3MEDIUMCVSS 6.5≤ 1.4.162026-02-20
CVE-2025-68002 [MEDIUM] CWE-22 CVE-2025-68002: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in 100p
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in 100plugins Open User Map open-user-map allows Path Traversal.This issue affects Open User Map: from n/a through <= 1.4.16.
nvd
CVE-2025-57953P4MEDIUMCVSS 6.5≤ 1.4.142025-09-22
CVE-2025-57953 [MEDIUM] CWE-79 CVE-2025-57953: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 100plugins Open User Map open-user-map allows DOM-Based XSS.This issue affects Open User Map: from n/a through <= 1.4.14.
nvd
CVE-2024-13362P4MEDIUMCVSS 6.1≤ 1.4.02026-05-01
CVE-2024-13362 [MEDIUM] CWE-79 CVE-2024-13362: Multiple plugins and/or themes for WordPress are vulnerable to Reflected Cross-Site Scripting via th
Multiple plugins and/or themes for WordPress are vulnerable to Reflected Cross-Site Scripting via the url parameter in various versions due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into perfor
nvd
CVE-2023-45056P4MEDIUMCVSS 4.8fixed in 1.3.27≥ n/a, ≤ 1.3.262023-10-18
CVE-2023-45056 [MEDIUM] CWE-79 CVE-2023-45056: Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in 100plugins Open User Map plugin <=
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in 100plugins Open User Map plugin <= 1.3.26 versions.
nvd