CVE-2025-5122 – Leaflet Map Block for WordPress Stored XSS Vulnerability

May 29, 2025

CVE ID : CVE-2025-5122

Published : May 29, 2025, 9:15 a.m. | 15 minutes ago

Description : The Map Block Leaflet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 3.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4670 – Easy Digital Downloads Stored Cross-Site Scripting (XSS)

Next Article CVE-2025-27151 – Redis Stack-Based Buffer Overflow Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

The Alters: Release date, mechanics, and everything else you need to know

I’ve fallen hard for Starsand Island, a promising anime-style life sim bringing Ghibli vibes to Xbox and PC later this year

This new official Xbox 4TB storage card costs almost as much as the Xbox SeriesXitself

I may have found the ultimate monitor for conferencing and productivity, but it has a few weaknesses

May report 2025

May report 2025

Write more reliable JavaScript with optional chaining

Deploying a Scalable Next.js App on Vercel – A Step-by-Step Guide

The Alters: Release date, mechanics, and everything else you need to know

The Alters: Release date, mechanics, and everything else you need to know

I’ve fallen hard for Starsand Island, a promising anime-style life sim bringing Ghibli vibes to Xbox and PC later this year

This new official Xbox 4TB storage card costs almost as much as the Xbox SeriesXitself

CVE-2025-5122 – Leaflet Map Block for WordPress Stored XSS Vulnerability

⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More

Exploitation Risk Grows for Critical Cisco Bug

CodeSOD: Brushing Up

A causal theory for studying the cause-and-effect relationships of genes

MongoDB Powers M-DAQ’s Anti-Money Laundering Compliance Platform

Empowering Time Series AI: How Salesforce is Leveraging Synthetic Data to Enhance Foundation Models

Accelerate your generative AI application development with Amazon Bedrock Knowledge Bases Quick Create and Amazon Aurora Serverless

Untangling the hiring dilemma: How security solutions free up HR processes

Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom

I tested JBL’s newest premium headphones – Bose and Sony should watch out

CVE-2025-5122 – Leaflet Map Block for WordPress Stored XSS Vulnerability

Related Posts