MEDIUM
cyberhobo
CVE published 2026-05-28
CVE-2026-7552
The Geo Mashup plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.13.19. The vulnerability stems from improper authorization verification, allowing unauthenticated attackers to access sensitive plugin configuration data including Google Maps API keys and GeoNames service credentials. This represents a MEDIUM severity information disclosure risk with a CVSS 3 [truncated]