← back
CVE-2022-1123

Leaflet Maps Marker < 3.12.5 - Admin+ SQLi

EPSS 1.0%CWE-89
The Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) WordPress plugin before 3.12.5 does not properly sanitize some parameters before inserting them into SQL queries. As a result, high privilege users could perform SQL injection attacks.
Affected products
Unknown · Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://wpscan.com/vulnerability/03e0d4d5-0184-4a15-b8ac-fdc2010e4812