PT-2025-42701 · WordPress · Wp Go Maps
Dmitry Ignatyev
·
Published
2025-10-18
·
Updated
2025-10-18
·
CVE-2025-11703
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
WP Go Maps versions prior to 9.0.49
Description
The WP Go Maps plugin for WordPress is susceptible to Cache Poisoning in all versions up to and including 9.0.48. The plugin does not utilize server-side responses for cached data, instead depending on user-provided input. This allows unauthenticated attackers to manipulate the cache for location search results.
Recommendations
Update the WP Go Maps plugin to version 9.0.49 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wp Go Maps