CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

10web

map_builder_for_google_maps

4 known vulnerabilities · sorted by CVSS score

CVE-2023-0037

CRITICAL9.8

The 10Web Map Builder for Google Maps WordPress plugin before 1.0.73 does not properly sanitise and escape some parameters before using them in an SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection

10web / map_builder_for_google_maps

Network

Published Mar 13, 2023

CVE-2024-31116

HIGH7.6

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 10Web 10Web Map Builder for Google Maps.This issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.74.

10web / map_builder_for_google_maps

Network

Published Mar 31, 2024

CVE-2022-4758

MEDIUM5.4

The 10WebMapBuilder WordPress plugin before 1.0.72 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.

10web / map_builder_for_google_maps

Network

Published Jan 23, 2023

CVE-2023-45272

MEDIUM5.4

Missing Authorization vulnerability in 10Web 10Web Map Builder for Google Maps allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 10Web Map Builder for Google Maps: from n/a through 1.0.73.

10web / map_builder_for_google_maps

Network

Published Jan 2, 2025