Security for everyone

CVE-2021-24274 Scanner

Detects 'Cross-Site Scripting (XSS)' vulnerability in Ultimate Maps by Supsystic plugin for WordPress affects v. before 1.2.5.


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one


Parent Category

CVE-2021-24274 Scanner Detail

The Ultimate Maps by Supsystic is a popular WordPress plugin designed to help website owners create and display interactive maps on their site. With this plugin, users can customize their maps to fit their specific needs, such as adding markers, overlays, and tooltips. The Ultimate Maps plugin is widely used by businesses and organizations to showcase their locations and services to customers.

Unfortunately, the plugin has been found to have a critical vulnerability known as CVE-2021-24274. This vulnerability allows attackers to execute arbitrary JavaScript on the victim's browser, leading to devastating consequences. The vulnerability lies in the fact that the plugin does not properly sanitize the tab parameter of its options page before outputting it in an attribute, allowing attackers to inject code into the page and execute it on the victim's browser.

When exploited, this vulnerability gives attackers access to sensitive information such as user credentials, credit card data, and other personal information. In addition, the attackers can use the victim's browser to carry out further attacks, such as phishing and malware distribution. This can have a severe impact on the victim's privacy and security, and ultimately harm their reputation and business.

At, our pro features make it easy for users to stay up-to-date on the latest vulnerabilities and threats to their digital assets. With our comprehensive vulnerability database and advanced scanning capabilities, our users can quickly identify and remediate vulnerabilities in their WordPress sites and plugins. Don't wait for an attack to happen, protect your website with today.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture