CVE-2022-1123

CVE-2022-1123: Leaflet Maps Marker < 3.12.5 - Admin+ SQLi

Vendor Unknown
Product Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps)
Weakness CWE-89 · SQLi
Published August 29, 2022
Last update August 2, 2024

CVSS base score

What the vulnerability does

01Description

The Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) WordPress plugin before 3.12.5 does not properly sanitize some parameters before inserting them into SQL queries. As a result, high privilege users could perform SQL injection attacks.

Key dates

02Disclosure timeline

August 29, 2022 CVE published
August 2, 2024 Record updated