Lucene search
WPScanCVE-2022-1123HistoryAug 29, 2022 - 6:15 p.m.
CVE-2022-1123
2022-08-2918:15:08
CWE-89
WPScan
web.nvd.nist.gov
43
5
cve-2022-1123
leaflet maps marker
wordpress
sql injection
nvd
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
37.7%
The Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) WordPress plugin before 3.12.5 does not properly sanitize some parameters before inserting them into SQL queries. As a result, high privilege users could perform SQL injection attacks.
Affected configurations
Node
mapsmarkerleaflet_maps_markerRange<3.12.5wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mapsmarker | leaflet_maps_marker | * | cpe:2.3:a:mapsmarker:leaflet_maps_marker:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"product": "Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps)",
"vendor": "Unknown",
"versions": [
{
"lessThan": "3.12.5",
"status": "affected",
"version": "3.12.5",
"versionType": "custom"
}
]
}
]Social References
More
Related
patchstack
patchstack
cvelist
cvelist
CVE-2022-1123 Leaflet Maps Marker < 3.12.5 - Admin+ SQLi
2022-08-29 14:40:24
prion
prion
Sql injection
2022-08-29 18:15:00
wpvulndb
wpvulndb
Leaflet Maps Marker < 3.12.5 - Admin+ SQLi
2022-08-08 00:00:00
nvd
nvd
CVE-2022-1123
2022-08-29 18:15:08
wpexploit
wpexploit
Leaflet Maps Marker < 3.12.5 - Admin+ SQLi
2022-08-08 00:00:00
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
37.7%
Related for CVE-2022-1123