Lucene search
MitreCVELIST:CVE-2019-10692HistoryApr 02, 2019 - 5:37 p.m.
CVE-2019-10692
2019-04-0217:37:16
mitre
www.cve.org
1
In the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT statement.
References
packetstormsecurity.com/files/159640/WordPress-Rest-Google-Maps-SQL-Injection.html
www.rapid7.com/db/modules/auxiliary/admin/http/wp_google_maps_sqli
plugins.trac.wordpress.org/changeset?old_path=%2Fwp-google-maps&old=2061433&new_path=%2Fwp-google-maps&new=2061434&sfp_email=&sfph_mail=#file755
wordpress.org/plugins/wp-google-maps/#developers
Related
cve
cve
CVE-2019-10692
2019-04-02 18:30:20
prion
prion
Design/Logic Flaw
2019-04-02 18:30:00
openvas
openvas
WordPress WP Google Maps Plugin < 7.11.18 SQL Injection Vulnerability
2019-04-10 00:00:00
wpexploit
wpexploit
WP Google Maps 7.11.00-7.11.17 - Unauthenticated SQL Injection
2019-04-02 00:00:00
nuclei
nuclei
WordPress Google Maps <7.11.18 - SQL Injection
2022-08-08 13:06:30
attackerkb
attackerkb
CVE-2019-10692
2019-04-02 00:00:00
wpvulndb
wpvulndb
WP Google Maps 7.11.00-7.11.17 - Unauthenticated SQL Injection
2019-04-02 00:00:00
nvd
nvd
CVE-2019-10692
2019-04-02 18:30:20
packetstorm
packetstorm
WordPress Rest Google Maps SQL Injection
2020-10-20 00:00:00
checkpoint_advisories
checkpoint_advisories
WordPress Google Maps Plugin SQL Injection (CVE-2019-10692)
2019-07-01 00:00:00
nessus
nessus
exploitdb
exploitdb
WordPress Plugin Rest Google Maps < 7.11.18 - SQL Injection
2020-10-20 00:00:00