Unauthenticated Cross-Site Scripting in MapPress Maps for WordPress
CVE-2026-56011
7.1HIGH
What is CVE-2026-56011?
An Unauthenticated Cross-Site Scripting (XSS) vulnerability exists in the MapPress Maps plugin for WordPress. This security flaw affects versions up to 2.97.3, enabling malicious users to inject arbitrary web scripts into pages viewed by other users. This can lead to unauthorized actions and data exposure, highlighting the importance of updating to secure versions to protect against potential exploitation.
Affected Version(s)
MapPress Maps for WordPress <= 2.97.3