← Back

Ultimate Maps

ultimate_maps

Vendor: Supsystic • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-6732
1Supsystic
1Ultimate Maps
Jun 2, 2025
Jan 16, 2024
N/A· v4
4.8 MEDIUM· v3
N/A· v2
The Ultimate Maps by Supsystic WordPress plugin before 1.2.16 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfi...Show more
The Ultimate Maps by Supsystic WordPress plugin before 1.2.16 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowedShow less
CVE-2021-24274
1Supsystic
1Ultimate Maps
Nov 21, 2024
May 5, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
The Ultimate Maps by Supsystic WordPress plugin before 1.2.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue