Lucene search
K

51 matches found

CVE
CVE
added 2024/03/31 6:15 p.m.86 views

CVE-2024-31116

CVE-2024-31116 affects 10Web Map Builder for Google Maps (WordPress plugin: wd-google-maps) up to version 1.0.74. The issue is an SQL Injection due to improper neutralization of inputs in the plugin’s map builder, exploitable by an authenticated attacker with Administrator privileges. The vulnera...

7.6CVSS8.9AI score0.00541EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/31 6:15 p.m.20 views

CVE-2024-31116 WordPress 10Web Map Builder for Google Maps plugin <= 1.0.74 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in 10Web 10Web Map Builder for Google Maps.This issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.74...

7.6CVSS7.7AI score0.00541EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/31 12:0 a.m.5 views

PT-2024-23786 · 10Web · 10Web Map Builder For Google Maps

Name of the Vulnerable Software and Affected Versions: 10Web Map Builder for Google Maps versions 1.0.74 and earlier Description: The issue is related to an SQL Injection vulnerability due to the improper neutralization of special elements used in an SQL command. Recommendations: For versions...

7.6CVSS9.9AI score0.00541EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/03/31 12:0 a.m.4 views

WordPress Plugin 10Web Map Builder for Google Maps SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin 10Web Map Builder for...

7.6CVSS8.8AI score0.00541EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/03/29 12:34 p.m.4 views

WordPress 10Web Map Builder for Google Maps plugin <= 1.0.74 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Muhammad Daffa Patchstack Alliance in WordPress Plugin 10Web Map Builder for Google Maps versions = 1.0.74...

7.6CVSS9.2AI score0.00541EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/03/29 12:0 a.m.14 views

WordPress 10Web Map Builder for Google Maps Plugin <= 1.0.74 is vulnerable to SQL Injection

Software 10Web Map Builder for Google Maps Type Plugin Vulnerable versions = 1.0.74 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-31116 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID c40efbea472d Credits Muhammad Daffa Required privileg...

7.6CVSS6.9AI score0.00541EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/11/24 12:0 a.m.7 views

10Web Map Builder for Google Maps < 1.0.74 - Cross-Site Request Forgery to Notice Dismissal

Description The 10Web Map Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.73. This is due to missing or incorrect nonce validation on the gmwdbpinstallnoticestatus function. This makes it possible for unauthenticated attackers to...

6.6AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/10/06 12:0 a.m.10 views

WordPress 10Web Map Builder for Google Maps Plugin <= 1.0.73 is vulnerable to Broken Access Control

Software 10Web Map Builder for Google Maps Type Plugin Vulnerable versions = 1.0.73 Fixed in 1.0.74 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-45272 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 599bb14612c3 Credits Abdi...

6.7AI score0.0029EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/05/10 12:15 p.m.34 views

CVE-2022-45846

Cross-Site Request Forgery CSRF vulnerability in Nickys Image Map Pro for WordPress - Interactive SVG Image Map Builder plugin 5.6.9 versions...

8.8CVSS6.5AI score0.00253EPSS
Exploits0References1
Prion
Prion
added 2023/05/10 12:15 p.m.17 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Nickys Image Map Pro for WordPress - Interactive SVG Image Map Builder plugin 5.6.9 versions...

6.8CVSS8.8AI score0.00253EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/10 11:8 a.m.45 views

CVE-2022-45846

The CVE-2022-45846 entry concerns Nickys Image Map Pro for WordPress – Interactive SVG Image Map Builder plugin, vulnerable to Cross-Site Request Forgery (CSRF) in versions older than 5.6.9. Multiple connected sources corroborate a CSRF condition in this plugin prior to 5.6.9, with public advisor...

8.8CVSS7.2AI score0.00253EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/03/28 9:15 a.m.4 views

CVE-2023-25704

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Mehjabin Orthi Interactive SVG Image Map Builder plugin = 1.0 versions...

4.8CVSS6.6AI score0.00369EPSS
Exploits0References1
NVD
NVD
added 2023/03/28 9:15 a.m.20 views

CVE-2023-25704

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Mehjabin Orthi Interactive SVG Image Map Builder plugin = 1.0 versions...

5.9CVSS5.4AI score0.00369EPSS
Exploits0References1
Prion
Prion
added 2023/03/28 9:15 a.m.14 views

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Mehjabin Orthi Interactive SVG Image Map Builder plugin = 1.0 versions...

4.3CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/03/28 8:19 a.m.49 views

CVE-2023-25704

CVE-2023-25704 involves a Stored Cross-Site Scripting (XSS) vulnerability in the Mehjabin Orthi Interactive SVG Image Map Builder plugin for WordPress, affecting versions

5.9CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/03/28 12:0 a.m.3 views

WordPress Plugin Interactive SVG Image Map Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

5.9CVSS6.4AI score0.00369EPSS
Exploits0References2
OSV
OSV
added 2023/03/13 5:15 p.m.3 views

CVE-2023-0037

The 10Web Map Builder for Google Maps WordPress plugin before 1.0.73 does not properly sanitise and escape some parameters before using them in an SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

9.8CVSS7.3AI score0.03911EPSS
Exploits2References2
Prion
Prion
added 2023/03/13 5:15 p.m.19 views

Sql injection

The 10Web Map Builder for Google Maps WordPress plugin before 1.0.73 does not properly sanitise and escape some parameters before using them in an SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

7.5CVSS9.7AI score0.03911EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2023/03/13 4:3 p.m.91 views

CVE-2023-0037

Vulnerability summary: The WordPress plugin “10Web Map Builder for Google Maps” (

9.8CVSS9.9AI score0.03911EPSS
Exploits2References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/13 4:3 p.m.12 views

CVE-2023-0037 10WebMapBuilder < 1.0.73 - Unauthenticated SQLi

The 10Web Map Builder for Google Maps WordPress plugin before 1.0.73 does not properly sanitise and escape some parameters before using them in an SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

9.8AI score0.03911EPSS
Exploits2References2
Rows per page
Query Builder