During an analysis of the WP Go Maps plugin (formerly WP Google Maps), we discovered a pretty serious Stored XSS vulnerability that can be exploited by any attackers, regardless of whether they have an account on the site. When successfully exploited, this vulnerability may let attackers perform any action the logged‑in administrator they targeted is allowed … Continue reading Stored XSS Fixed In WP Go Maps 9.0.28