Cross-Site Scripting Vulnerability in ShMapper by Teplitsa
CVE-2025-24674
5.9MEDIUM
What is CVE-2025-24674?
The ShMapper plugin by Teplitsa contains a Cross-Site Scripting (XSS) vulnerability caused by improper input handling during web page generation. This security flaw allows for stored XSS attacks, potentially enabling attackers to inject malicious scripts that impede user security and compromise sensitive data. Versions from n/a to 1.5.0 are prone to this vulnerability, necessitating immediate attention from users to safeguard their web applications.
Affected Version(s)
ShMapper by Teplitsa <= 1.5.0