10web

Map Builder For Google Maps

5 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2020-36853

  • EPSS 0.16%
  • Published 18.10.2025 03:33:23
  • Last modified 21.10.2025 19:31:25

The 10WebMapBuilder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Plugin Settings Change in versions up to, and including, 1.0.63 due to insufficient input sanitization and output escaping and a lack of capability checks. This...

4.3

CVE-2023-45272

  • EPSS 0.08%
  • Published 02.01.2025 15:15:19
  • Last modified 06.03.2025 16:24:25

Missing Authorization vulnerability in 10Web 10Web Map Builder for Google Maps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.73.

7.2

CVE-2024-31116

  • EPSS 0.21%
  • Published 31.03.2024 19:15:49
  • Last modified 06.03.2025 15:00:11

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 10Web 10Web Map Builder for Google Maps.This issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.74.

9.8

CVE-2023-0037

Exploit
  • EPSS 66.55%
  • Published 13.03.2023 17:15:12
  • Last modified 27.02.2025 21:15:16

The 10Web Map Builder for Google Maps WordPress plugin before 1.0.73 does not properly sanitise and escape some parameters before using them in an SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection

5.4

CVE-2022-4758

Exploit
  • EPSS 0.14%
  • Published 23.01.2023 15:15:17
  • Last modified 02.04.2025 16:15:29

The 10WebMapBuilder WordPress plugin before 1.0.72 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting...