CVE-2025-67990
Reflected XSS in GMap Targeting Plugin
Publication date: 2026-02-20
Last updated on: 2026-02-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| realmag777 | gmap_targeting | From 1.0.0 (inc) to 1.1.7 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-67990 is a medium severity Cross Site Scripting (XSS) vulnerability in the WordPress GMap Targeting Plugin versions up to and including 1.1.7.
This vulnerability allows an attacker to inject malicious scriptsβsuch as redirects, advertisements, or other HTML payloadsβinto a website. These scripts execute when visitors access the compromised site.
Exploitation requires user interaction by a privileged user, such as clicking a malicious link, visiting a crafted page, or submitting a form.
The vulnerability falls under the OWASP Top 10 category A3: Injection and is specifically classified as Cross Site Scripting (XSS).
How can this vulnerability impact me? :
This vulnerability can impact you by allowing attackers to execute malicious scripts on your website, which can lead to unauthorized redirects, display of unwanted advertisements, or execution of harmful HTML payloads.
Such attacks can compromise the integrity and trustworthiness of your website, potentially harming your users and damaging your reputation.
Successful exploitation depends on privileged user interaction, meaning an attacker needs a user with certain permissions to engage with malicious content.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability is a reflected Cross Site Scripting (XSS) issue in the WordPress GMap Targeting Plugin up to version 1.1.7. Detection typically involves testing for injection of malicious scripts in web requests and observing if they are reflected in the web page output.'}, {'type': 'paragraph', 'content': 'You can detect this vulnerability by sending crafted HTTP requests containing typical XSS payloads (e.g., <script>alert(1)</script>) to the web application endpoints related to the GMap Targeting plugin and checking if the payload is reflected unescaped in the response.'}, {'type': 'paragraph', 'content': 'Common commands or tools to assist detection include:'}, {'type': 'list_item', 'content': 'Using curl to send test payloads: curl -G --data-urlencode "param=<script>alert(1)</script>" https://yourwebsite.com/path'}, {'type': 'list_item', 'content': 'Using automated scanners like OWASP ZAP or Burp Suite to scan for reflected XSS vulnerabilities.'}, {'type': 'list_item', 'content': 'Reviewing web server logs for suspicious query parameters or payloads that include script tags.'}] [1]
What immediate steps should I take to mitigate this vulnerability?
[{'type': 'paragraph', 'content': 'The primary mitigation step is to update the WordPress GMap Targeting Plugin to version 1.1.8 or later, where the vulnerability has been patched.'}, {'type': 'paragraph', 'content': "Until the update can be applied, you can use Patchstack's automatic mitigation rule to block attacks targeting this vulnerability."}, {'type': 'paragraph', 'content': 'Additionally, enabling auto-update features for vulnerable plugins can help prevent exploitation in the future.'}, {'type': 'paragraph', 'content': 'It is also advisable to educate privileged users about the risk of clicking on suspicious links or submitting untrusted forms, as exploitation requires user interaction.'}] [1]