{"vulnerability": "cve-2025-3503", "sightings": [{"uuid": "1d702fff-8c66-406b-be7e-9623aeb120cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3503", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo426aydww2p", "content": "", "creation_timestamp": "2025-05-01T09:55:26.989744Z"}, {"uuid": "d47a2374-e107-4320-b8cf-db8adb988c52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-35036", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqqbu37ft52e", "content": "", "creation_timestamp": "2025-06-03T21:56:32.968433Z"}, {"uuid": "dacd89f5-7b20-465f-86d2-3d99bb9094f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3503", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14239", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3503\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The WP Maps  WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\ud83d\udccf Published: 2025-05-01T06:00:04.224Z\n\ud83d\udccf Modified: 2025-05-01T06:00:04.224Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/83ddd432-309f-4ff5-974c-fdc9c67d1051/", "creation_timestamp": "2025-05-01T06:13:50.000000Z"}, {"uuid": "fbb4d498-0795-4766-846c-82cd0d9c4fdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-35036", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1833", "content": "", "creation_timestamp": "2026-04-21T21:00:00.000000Z"}, {"uuid": "f192495a-68d8-4a45-8fdb-89c3d1ebd87e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-35036", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mk3jwqt6xo2w", "content": "", "creation_timestamp": "2026-04-22T12:50:20.476541Z"}, {"uuid": "d6b77c6b-92b5-4287-ad1b-11318ba3104e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3503", "type": "seen", "source": "https://t.me/cvedetector/24198", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3503 - \"WP Maps Stored Cross-Site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-3503 \nPublished : May 1, 2025, 6:15 a.m. | 1\u00a0hour, 56\u00a0minutes ago \nDescription : The WP Maps  WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T10:39:11.000000Z"}]}