51 matches found
CVE-2024-31116
CVE-2024-31116 affects 10Web Map Builder for Google Maps (WordPress plugin: wd-google-maps) up to version 1.0.74. The issue is an SQL Injection due to improper neutralization of inputs in the plugin’s map builder, exploitable by an authenticated attacker with Administrator privileges. The vulnera...
CVE-2024-31116 WordPress 10Web Map Builder for Google Maps plugin <= 1.0.74 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in 10Web 10Web Map Builder for Google Maps.This issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.74...
PT-2024-23786 · 10Web · 10Web Map Builder For Google Maps
Name of the Vulnerable Software and Affected Versions: 10Web Map Builder for Google Maps versions 1.0.74 and earlier Description: The issue is related to an SQL Injection vulnerability due to the improper neutralization of special elements used in an SQL command. Recommendations: For versions...
WordPress Plugin 10Web Map Builder for Google Maps SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin 10Web Map Builder for...
WordPress 10Web Map Builder for Google Maps plugin <= 1.0.74 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Muhammad Daffa Patchstack Alliance in WordPress Plugin 10Web Map Builder for Google Maps versions = 1.0.74...
WordPress 10Web Map Builder for Google Maps Plugin <= 1.0.74 is vulnerable to SQL Injection
Software 10Web Map Builder for Google Maps Type Plugin Vulnerable versions = 1.0.74 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-31116 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID c40efbea472d Credits Muhammad Daffa Required privileg...
10Web Map Builder for Google Maps < 1.0.74 - Cross-Site Request Forgery to Notice Dismissal
Description The 10Web Map Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.73. This is due to missing or incorrect nonce validation on the gmwdbpinstallnoticestatus function. This makes it possible for unauthenticated attackers to...
WordPress 10Web Map Builder for Google Maps Plugin <= 1.0.73 is vulnerable to Broken Access Control
Software 10Web Map Builder for Google Maps Type Plugin Vulnerable versions = 1.0.73 Fixed in 1.0.74 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-45272 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 599bb14612c3 Credits Abdi...
CVE-2022-45846
Cross-Site Request Forgery CSRF vulnerability in Nickys Image Map Pro for WordPress - Interactive SVG Image Map Builder plugin 5.6.9 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Nickys Image Map Pro for WordPress - Interactive SVG Image Map Builder plugin 5.6.9 versions...
CVE-2022-45846
The CVE-2022-45846 entry concerns Nickys Image Map Pro for WordPress – Interactive SVG Image Map Builder plugin, vulnerable to Cross-Site Request Forgery (CSRF) in versions older than 5.6.9. Multiple connected sources corroborate a CSRF condition in this plugin prior to 5.6.9, with public advisor...
CVE-2023-25704
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Mehjabin Orthi Interactive SVG Image Map Builder plugin = 1.0 versions...
CVE-2023-25704
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Mehjabin Orthi Interactive SVG Image Map Builder plugin = 1.0 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Mehjabin Orthi Interactive SVG Image Map Builder plugin = 1.0 versions...
CVE-2023-25704
CVE-2023-25704 involves a Stored Cross-Site Scripting (XSS) vulnerability in the Mehjabin Orthi Interactive SVG Image Map Builder plugin for WordPress, affecting versions
WordPress Plugin Interactive SVG Image Map Builder 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
CVE-2023-0037
The 10Web Map Builder for Google Maps WordPress plugin before 1.0.73 does not properly sanitise and escape some parameters before using them in an SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
Sql injection
The 10Web Map Builder for Google Maps WordPress plugin before 1.0.73 does not properly sanitise and escape some parameters before using them in an SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
CVE-2023-0037
Vulnerability summary: The WordPress plugin “10Web Map Builder for Google Maps” (
CVE-2023-0037 10WebMapBuilder < 1.0.73 - Unauthenticated SQLi
The 10Web Map Builder for Google Maps WordPress plugin before 1.0.73 does not properly sanitise and escape some parameters before using them in an SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...