Security Advisory

CVE-2026-33559

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-27 04:56:41

Last updated 2026-03-27 19:39:20

Assigner jpcert

State PUBLISHED

Description

WordPress Plugin "OpenStreetMap" provided by MiKa contains a cross-site scripting vulnerability. On the site with the affected version of the plugin enabled, a logged-in user with a page-creating/editing privilege can embed some malicious script with a crafted HTTP request. When a victim user accesses this page, the script may be executed in the users web browser.

← Browse all CVEs View on cve.org ↗