CVE-2022-1123

Summary

The Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps) WordPress plugin before 3.12.5 does not properly sanitize some parameters before inserting them into SQL queries. As a result, high privilege users could perform SQL injection attacks.

Affected Software

VendorProductVersion RangeStatus
UnknownLeaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps)3.12.5 < 3.12.5affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References