{"vulnerability": "CVE-2023-6627", "sightings": [{"uuid": "8ca4404c-0049-40fa-b908-3aa33a9880e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-6627", "type": "seen", "source": "https://t.me/ctinow/173531", "content": "https://ift.tt/Bh7w21V\nCVE-2023-6627 | WP Go Maps Plugin up to 9.0.27 on WordPress REST API cross site scripting", "creation_timestamp": "2024-01-25T15:42:04.000000Z"}, {"uuid": "787fcb61-d0ab-4a85-81d3-9b83bcc881c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-6627", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18803", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-6627\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The WP Go Maps (formerly WP Google Maps) WordPress plugin before 9.0.28 does not properly protect most of its REST API routes, which attackers can abuse to store malicious HTML/Javascript on the site.\n\ud83d\udccf Published: 2024-01-08T19:00:30.023Z\n\ud83d\udccf Modified: 2025-06-18T16:53:01.945Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/f5687d0e-98ca-4449-98d6-7170c97c8f54\n2. https://wpscan.com/blog/stored-xss-fixed-in-wp-go-maps-9-0-28/", "creation_timestamp": "2025-06-18T17:39:09.000000Z"}]}