CVE-2025-11365 WP Google Map Plugin <= 1.0 - Authenticated (Contributor+) SQL Injection

The WP Google Map Plugin plugin for WordPress is vulnerable to blind SQL Injection via the 'id' parameter of the 'googlemap' shortcode in all versions up to, and including, 1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

EUVD-2025-34548

The WP Google Map Plugin plugin for WordPress is vulnerable to blind SQL Injection via the 'id' parameter of the 'googlemap' shortcode in all versions up to, and including, 1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

AZL-68315 CVE-2024-56592 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Call freehtabelem after htabunlockbucket For htab of maps, when the map is removed from the htab, it may hold the last reference of the map. bpfmapfdputptr will invoke bpfmapfreeid to free the id of the removed map element...

CVE-2024-50971

A SQL injection vulnerability in print.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the mapid parameter...

itsourcecode Project Expense Monitoring System SQL注入漏洞

itsourcecode Project Expense Monitoring System is a project expense monitoring system from itsourcecode. A SQL injection vulnerability exists in itsourcecode Project Expense Monitoring System version 1.0, which stems from some unknown functionality in the file print.php, where manipulation of the...

PT-2024-38700 · Unknown · Itsourcecode Project Expense Monitoring System

Name of the Vulnerable Software and Affected Versions: itsourcecode Project Expense Monitoring System version 1.0 Description: A critical issue affects some unknown functionality of the file print.php. The manipulation of the map id argument leads to SQL injection. This issue can be exploited...

CVE-2023-6697

The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the map id parameter in all versions up to, and including, 9.0.28 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2023-6697 WP Go Maps (formerly WP Google Maps) <= 9.0.28 - Reflected Cross-Site Scripting

The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the map id parameter in all versions up to, and including, 9.0.28 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

WordPress custom-map plugin cross-site scripting vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . custom-map plugin is used in one of the custom map plugin . A cross-site scripting vulnerability exists in WordPres...