[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWO2dSeexEPBv8kYki6gSwO3Eg4FAxtKEXbM-RI5zl0k":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2025-32138","easy-google-maps-authenticated-author-xml-entity-injection","Easy Google Maps \u003C= 1.11.18 - Authenticated (Author+) XML Entity Injection","The Easy Google Maps plugin for WordPress is vulnerable to XML External Entity Injection in all versions up to, and including, 1.11.18. This is due to the plugin not properly filtering data included in XML. This makes it possible for authenticated attackers, with author-level access and above, to inject external entities which can make code execution possible.","google-maps-easy",null,"\u003C=1.11.18","1.11.19","medium",6.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:L","Improper Restriction of XML External Entity Reference","2025-04-04 00:00:00","2025-04-17 13:14:18",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Faa6d82f7-cee4-4640-a736-26e3a35712e1?source=api-prod",14]