Code Injection Vulnerability in RomanCode MapSVG Product
CVE-2025-47562

5.3MEDIUM

Key Information:

Vendor: WordPress
Status: Mapsvg
Vendor: CVE Published:; 16 May 2025

What is CVE-2025-47562?

An improper control of code generation vulnerability has been identified in RomanCode's MapSVG. This flaw allows attackers to execute arbitrary code, highlighting a significant security risk for systems using versions from n/a up to 8.5.34. Exploiting this vulnerability can lead to unauthorized data access and manipulation, putting the integrity of the application and its users at risk.

Affected Version(s)

MapSVG <= 8.5.34

References

https://patchstack.com/database/wordpress/plugin/mapsvg/v...

vdb-entry

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 16, 2025
Vulnerability Reserved
May 7, 2025

Credit

Anhchangmutrang (Patchstack Alliance)

WordPress

What is CVE-2025-47562?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit