The Geo Mashup plugin for WordPress has a security issue where hackers can inject harmful code into web pages. This can happen if users with a certain level of access use a specific feature called “geo_mashup_visible_posts_list.” This can put anyone who visits those pages at risk.