CVE-2026-33559

Name of the Vulnerable Software and Affected Versions WordPress Plugin OpenStreetMap versions (affected versions not specified)

Description The OpenStreetMap WordPress plugin by MiKa has a cross-site scripting issue. A user logged in with page creation or editing rights can inject malicious script through a crafted HTTP request. When another user accesses the affected page, the script may run in their web browser.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.