CVE-2023-45272
- EPSS 0.06%
- Published 02.01.2025 15:15:19
- Last modified 06.03.2025 16:24:25
Missing Authorization vulnerability in 10Web 10Web Map Builder for Google Maps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.73.
CVE-2024-31116
- EPSS 0.21%
- Published 31.03.2024 19:15:49
- Last modified 06.03.2025 15:00:11
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 10Web 10Web Map Builder for Google Maps.This issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.74.
CVE-2023-0037
- EPSS 69.4%
- Published 13.03.2023 17:15:12
- Last modified 27.02.2025 21:15:16
The 10Web Map Builder for Google Maps WordPress plugin before 1.0.73 does not properly sanitise and escape some parameters before using them in an SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection
CVE-2022-4758
- EPSS 0.11%
- Published 23.01.2023 15:15:17
- Last modified 02.04.2025 16:15:29
The 10WebMapBuilder WordPress plugin before 1.0.72 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting...