CVE-2026-6381
HIGH NVDCVSS Score
7.5
Severity
HIGH
Source
NVD
Published
May 18, 2026
Description
The WP Maps WordPress plugin before 4.9.3 does not properly sanitize a parameter before using it in a file path, allowing authenticated users to perform Local File Inclusion attacks.