2 matches found
WordPress WP Google Map Plugin Plugin <= 4.6.1 is vulnerable to SQL Injection
Software WP Google Map Plugin Type Plugin Vulnerable versions = 4.6.1 Fixed in 4.6.2 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-2386 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 6fa4ba8a185e Credits Krzysztof Zając Required privilege Contributo...
CVE-2024-2386
CVE-2024-2386 affects WP Maps – Display Google Maps Perfectly with Ease (WP MAPS) WordPress plugin. It enables SQL Injection via the id parameter of the put_wpgm shortcode in all versions up to 4.6.1 due to insufficient escaping and improper query preparation. Authenticated attackers with contrib...