10Web Google Maps Security Problem
-
Godaddy hosts my managed WordPress site. Their security scans found this. They flagged this as a “serious” risk and told me to contact you ASAP:
—–
10Web Google Maps (1.0.74)10Web Map Builder for Google Maps <= 1.0.74 – Authenticated (Administrator+) SQL InjectionThe 10Web Map Builder for Google Maps plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.0.74 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
The page I need help with: [log in to see the link]
- The topic ‘10Web Google Maps Security Problem’ is closed to new replies.
