Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2019-10692

Published: 02/04/2019 Updated: 23/05/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 791
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Wp Go Maps

Vulnerability Summary

In the wp-google-maps plugin prior to 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT statement.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

codecabin wp go maps

Exploits

Exploit DB: WordPress Rest Google Maps SQL Injection
WordPress Rest Google Maps plugin versions prior to 71118 suffer from a remote SQL injection vulnerability ...

References

CWE-89https://wordpress.org/plugins/wp-google-maps/#developershttps://plugins.trac.wordpress.org/changeset?old_path=%2Fwp-google-maps&old=2061433&new_path=%2Fwp-google-maps&new=2061434&sfp_email=&sfph_mail=#file755http://www.rapid7.com/db/modules/auxiliary/admin/http/wp_google_maps_sqlihttp://packetstormsecurity.com/files/159640/WordPress-Rest-Google-Maps-SQL-Injection.htmlhttps://nvd.nist.govhttps://packetstormsecurity.com/files/159640/WordPress-Rest-Google-Maps-SQL-Injection.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook