Wpgmaps Wp Go Maps (Formerly Wp Google Maps)
10 CVEs affecting Wpgmaps Wp Go Maps (Formerly Wp Google Maps). Latest disclosed: 2026-03-18. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-4268 | Medium | 6.4 | 2026-03-18 | The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wpgmza_custom_js’ parameter in all versions… |
CVE-2024-5994 | Medium | 6.4 | 2024-06-14 | The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Custom JS option in versions up to, and includin… |
CVE-2024-3557 | Medium | 6.4 | 2024-05-24 | The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpgmza shortcode in all versions up… |
CVE-2024-1582 | Medium | 6.4 | 2024-03-13 | The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpgmza' shortcode in all versions… |
CVE-2023-6697 | Medium | 6.1 | 2024-01-24 | The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the map id parameter in all versions up to, a… |
CVE-2025-11166 | Medium | 5.4 | 2025-10-09 | The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in all versions up to, and including, 9.0.46… |
CVE-2026-0593 | Medium | 5.3 | 2026-01-24 | The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the proce… |
CVE-2025-11703 | Medium | 5.3 | 2025-10-18 | The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Cache Poisoning in all versions up to, and including, 9.0.48. This is due to the… |
CVE-2023-6777 | Medium | 5.3 | 2024-04-09 | The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 9.0.34 due… |
CVE-2023-4839 | Medium | 4.4 | 2024-03-13 | The WP Go Maps for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 9.0.32 due to insufficient input… |