Which CBX Map for Google Map & OpenStreetMap CVEs are tracked?

CBX Map for Google Map & OpenStreetMap tracked CVEs include CVE-2025-9123, CVE-2025-47669, CVE-2024-22297, and CVE-2023-47240.

How many CBX Map for Google Map & OpenStreetMap vulnerabilities have patch guidance?

4 of 4 tracked CBX Map for Google Map & OpenStreetMap records include a published patch path.

Where should operators start on this Plugin hub?

Start with the priority CVE quick links, then open the full report for affected versions, remediation notes, CVSS vectors, and source references.

Plugin Vulnerability Hub

Plugin 4 known issues Latest disclosed Sep 10, 2025

CBX Map for Google Map & OpenStreetMap Vulnerabilities

Review known vulnerability records for the WordPress plugin CBX Map for Google Map & OpenStreetMap (`cbxgooglemap`), including severity, CVE references, affected versions, and patch status.

Recent tracked CVEs on this page include CVE-2025-9123, CVE-2025-47669 and CVE-2024-22297, so operators can jump from disclosure to patch validation without scanning the full feed first.

View on WordPress.org Back to Feed

Known Records

High or Critical

Patch Coverage

100%

Last Updated

Dec 02, 2025

Priority CVE Quick Links

Fast paths into CBX Map for Google Map & OpenStreetMap CVE reports

Start with the highest-signal CVE records for this WordPress plugin before scanning the full vulnerability feed.

Indexed CVEs

CVE-2025-9123 Medium 2.0.2

CVE-2025-9123 CBX Map for Google Map & OpenStreetMap Stored Cross-Site Scripting

CBX Map for Google Map & OpenStreetMap <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

CVE-2025-47669 Medium 2.0.0

CVE-2025-47669 CBX Map for Google Map & OpenStreetMap Stored Cross-Site Scripting

CBX Map for Google Map & OpenStreetMap <= 1.1.12 - Authenticated (Contributor+) Stored Cross-Site Scripting

CVE-2024-22297 Medium 1.1.12

CVE-2024-22297 CBX Map for Google Map & OpenStreetMap Stored Cross-Site Scripting

CBX Map for Google Map & OpenStreetMap <= 1.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting

CVE-2023-47240 Medium 1.1.12

CVE-2023-47240 CBX Map for Google Map & OpenStreetMap Stored Cross-Site Scripting

CBX Map for Google Map & OpenStreetMap <= 1.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode

Coverage Snapshot

What this page helps you verify fast

This hub clusters every indexed record for CBX Map for Google Map & OpenStreetMap so operators can confirm whether a disclosed issue maps to the installed slug, version range, and patch path.

Patch Visibility

4 records include a published patch path, leaving 0 with no listed safe release yet.

Severity Mix

0 critical and 0 high severity findings.

Recent CVEs

CVE-2025-9123, CVE-2025-47669 and CVE-2024-22297

Reference Workflow

Jump from the hub into the full report when you need remediation notes, exploit context, CVSS vectors, or source references.

Triage First

Open the records most likely to drive action

These recent records surface the CVE strings, patch cues, and direct report links most operators need first.

CVE-2025-9123 Medium Patch path listed

CVE-2025-9123: CBX Map for Google Map & OpenStreetMap <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The CBX Map for Google Map & OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the popup heading and location address parameters in all versions up to, and...

Published

Sep 10, 2025

Patch Status

2.0.2

Open CVE-2025-9123 Report

CVE-2025-47669 Medium Patch path listed

CVE-2025-47669: CBX Map for Google Map & OpenStreetMap <= 1.1.12 - Authenticated (Contributor+) Stored Cross-Site Scripting

The CBX Map for Google Map & OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.1.12 due to insufficient input sanitization a...

Published

May 07, 2025

Patch Status

2.0.0

Open CVE-2025-47669 Report

CVE-2024-22297 Medium Patch path listed

CVE-2024-22297: CBX Map for Google Map & OpenStreetMap <= 1.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting

The CBX Map for Google Map & OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.1.11 due to insufficient input sanitization a...

Published

Jan 17, 2024

Patch Status

1.1.12

Open CVE-2024-22297 Report

Known Vulnerabilities

Reports for CBX Map for Google Map & OpenStreetMap

Sorted by latest disclosure date so newly published issues surface first.

Plugin Medium Patched: Yes CVE-2025-9123

CVE-2025-9123: CBX Map for Google Map & OpenStreetMap <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The CBX Map for Google Map & OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the popup heading and location address parameters in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping. This makes it...

Published

Sep 10, 2025

Patched Release

2.0.2

Affected Versions

Versions up to 2.0.1

Next Step

Update to 2.0.2 or newer if supported.

Open CVE-2025-9123 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2025-47669

CVE-2025-47669: CBX Map for Google Map & OpenStreetMap <= 1.1.12 - Authenticated (Contributor+) Stored Cross-Site Scripting

The CBX Map for Google Map & OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.1.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-l...

Published

May 07, 2025

Patched Release

2.0.0

Affected Versions

Versions up to 1.1.12

Next Step

Update to 2.0.0 or newer if supported.

Open CVE-2025-47669 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2024-22297

CVE-2024-22297: CBX Map for Google Map & OpenStreetMap <= 1.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting

The CBX Map for Google Map & OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.1.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-l...

Published

Jan 17, 2024

Patched Release

1.1.12

Affected Versions

Versions up to 1.1.11

Next Step

Update to 1.1.12 or newer if supported.

Open CVE-2024-22297 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2023-47240

CVE-2023-47240: CBX Map for Google Map & OpenStreetMap <= 1.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode

The CBX Map for Google Map & OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.1.11 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

Published

Nov 07, 2023

Patched Release

1.1.12

Affected Versions

Versions up to 1.1.11

Next Step

Update to 1.1.12 or newer if supported.

Open CVE-2023-47240 Report Open CVE Reference