CVE-2023-45272
- EPSS 0.06%
- Veröffentlicht 02.01.2025 15:15:19
- Zuletzt bearbeitet 06.03.2025 16:24:25
Missing Authorization vulnerability in 10Web 10Web Map Builder for Google Maps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.73.
CVE-2024-31116
- EPSS 0.21%
- Veröffentlicht 31.03.2024 19:15:49
- Zuletzt bearbeitet 06.03.2025 15:00:11
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 10Web 10Web Map Builder for Google Maps.This issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.74.
CVE-2023-0037
- EPSS 69.4%
- Veröffentlicht 13.03.2023 17:15:12
- Zuletzt bearbeitet 27.02.2025 21:15:16
The 10Web Map Builder for Google Maps WordPress plugin before 1.0.73 does not properly sanitise and escape some parameters before using them in an SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection
CVE-2022-4758
- EPSS 0.11%
- Veröffentlicht 23.01.2023 15:15:17
- Zuletzt bearbeitet 02.04.2025 16:15:29
The 10WebMapBuilder WordPress plugin before 1.0.72 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting...