exploitDog

CVE-2021-24130

Опубликовано: 18 мар. 2021

Источник: nvd

CVSS3: 7.2

CVSS2: 6.5

EPSS Низкий

Описание

Unvalidated input in the WP Google Map Plugin WordPress plugin, versions before 4.1.5, in the Manage Locations page within the plugin settings was vulnerable to SQL Injection through a high privileged user (admin+).

Ссылки

https://wpscan.com/vulnerability/46af9a4d-67ac-4e08-a753-a2a44245f4f8
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/46af9a4d-67ac-4e08-a753-a2a44245f4f8
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:weplugins:wp_maps:*:*:*:*:*:wordpress:*:*

Версия до 4.1.5 (исключая)

EPSS

Процентиль: 68%

0.00567

Низкий

7.2 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89

CWE-89

Связанные уязвимости

GHSA-3xhc-3pqp-v39v

CVSS3: 7.2

github

больше 3 лет назад

Unvalidated input in the WP Google Map Plugin WordPress plugin, versions before 4.1.5, in the Manage Locations page within the plugin settings was vulnerable to SQL Injection through a high privileged user (admin+).

EPSS

Процентиль: 68%

0.00567

Низкий

7.2 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89

CWE-89