CVE-2025-57952

Name of the Vulnerable Software and Affected Versions icopydoc Maps for WP versions through 1.2.5

Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, potentially leading to Cross-site Scripting (XSS). This allows an attacker to inject malicious scripts into web pages viewed by other users. The issue is a Stored XSS, meaning the malicious script is permanently stored on the target server. The vulnerable component is related to web page generation.

Recommendations Update to a version later than 1.2.5.