CVE-2025-14851 | YaMaps Plugin up to 0.6.40 on WordPress Shortcode yamap cross site scripting

A vulnerability was found in YaMaps Plugin up to 0.6.40 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Shortcode Handler. The manipulation of the argument yamap results in cross site scripting.

This vulnerability is reported as CVE-2025-14851. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More