CVE-2025-57953

Name of the Vulnerable Software and Affected Versions 100plugins Open User Map versions through 1.4.14

Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a DOM-Based Cross-site Scripting issue. This allows for the execution of malicious scripts within the context of the affected web page. The vulnerability exists because the application does not adequately sanitize user-supplied data before incorporating it into the generated web page. This can potentially allow an attacker to inject arbitrary HTML or JavaScript code into the page, which could then be executed by other users who view the page.

Recommendations Update 100plugins Open User Map to a version later than 1.4.14.