Browse all 4 CVE security advisories affecting bozdoz. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Bozdoz develops web-based interactive mapping and visualization tools, primarily serving developers and businesses requiring custom geographic data presentation. Historically, their products have been susceptible to cross-site scripting (XSS) and remote code execution (RCE) vulnerabilities, often stemming from improper input validation and insecure data handling. Security assessments have revealed consistent patterns of insufficient sanitization in user-generated content and inadequate protection against injection attacks. While no major public security incidents have been documented, the presence of four CVEs indicates ongoing security challenges that require rigorous input validation and secure coding practices to mitigate potential exploitation risks.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-39646 | WordPress Leaflet Map plugin <= 3.4.4 - Cross Site Scripting (XSS) vulnerability | Leaflet Map | CWE-79 | 6.5 | Medium | 2026-04-08 |
| CVE-2025-32494 | WordPress reCAPTCHA Jetpack plugin <= 0.2.2 - Cross Site Request Forgery (CSRF) Vulnerability | reCAPTCHA Jetpack | CWE-352 | 4.3 | Medium | 2025-04-09 |
| CVE-2025-22589 | WordPress Quote Tweet plugin <= 0.7 - CSRF to Stored XSS vulnerability | Quote Tweet | CWE-352 | 7.1 | High | 2025-01-07 |
| CVE-2023-5050 | Leaflet Map <= 3.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | Leaflet Map | CWE-79 | 6.4 | Medium | 2023-10-20 |

This page lists every published CVE security advisory associated with bozdoz. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.