Vulnerability Details CVE-2019-10692
In the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT statement.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.894
EPSS Ranking 99.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://packetstormsecurity.com/files/159640/WordPress-Rest-Google-Maps-SQL-Injection.html
- http://www.rapid7.com/db/modules/auxiliary/admin/http/wp_google_maps_sqli
- https://plugins.trac.wordpress.org/changeset?old_path=%2Fwp-google-maps&old=2061433&new_path=%2Fwp-google-maps&new=2061434&sfp_email=&sfph_mail=#file755
- https://wordpress.org/plugins/wp-google-maps/#developers
- http://packetstormsecurity.com/files/159640/WordPress-Rest-Google-Maps-SQL-Injection.html
- http://www.rapid7.com/db/modules/auxiliary/admin/http/wp_google_maps_sqli
- https://plugins.trac.wordpress.org/changeset?old_path=%2Fwp-google-maps&old=2061433&new_path=%2Fwp-google-maps&new=2061434&sfp_email=&sfph_mail=#file755
- https://wordpress.org/plugins/wp-google-maps/#developers
Products affected by CVE-2019-10692
-
cpe:2.3:a:codecabin:wp_go_maps:-
-
cpe:2.3:a:codecabin:wp_go_maps:1.1.1
-
cpe:2.3:a:codecabin:wp_go_maps:1.1.2
-
cpe:2.3:a:codecabin:wp_go_maps:1.1.3
-
cpe:2.3:a:codecabin:wp_go_maps:2.0
-
cpe:2.3:a:codecabin:wp_go_maps:2.1
-
cpe:2.3:a:codecabin:wp_go_maps:2.2
-
cpe:2.3:a:codecabin:wp_go_maps:3.0
-
cpe:2.3:a:codecabin:wp_go_maps:3.1
-
cpe:2.3:a:codecabin:wp_go_maps:3.10
-
cpe:2.3:a:codecabin:wp_go_maps:3.11
-
cpe:2.3:a:codecabin:wp_go_maps:3.12
-
cpe:2.3:a:codecabin:wp_go_maps:3.2
-
cpe:2.3:a:codecabin:wp_go_maps:3.3
-
cpe:2.3:a:codecabin:wp_go_maps:3.4
-
cpe:2.3:a:codecabin:wp_go_maps:3.5
-
cpe:2.3:a:codecabin:wp_go_maps:3.6
-
cpe:2.3:a:codecabin:wp_go_maps:3.7
-
cpe:2.3:a:codecabin:wp_go_maps:3.8
-
cpe:2.3:a:codecabin:wp_go_maps:3.9
-
cpe:2.3:a:codecabin:wp_go_maps:4.0
-
cpe:2.3:a:codecabin:wp_go_maps:4.01
-
cpe:2.3:a:codecabin:wp_go_maps:4.02
-
cpe:2.3:a:codecabin:wp_go_maps:4.03
-
cpe:2.3:a:codecabin:wp_go_maps:4.04
-
cpe:2.3:a:codecabin:wp_go_maps:4.05
-
cpe:2.3:a:codecabin:wp_go_maps:4.06
-
cpe:2.3:a:codecabin:wp_go_maps:4.07
-
cpe:2.3:a:codecabin:wp_go_maps:4.08
-
cpe:2.3:a:codecabin:wp_go_maps:4.09
-
cpe:2.3:a:codecabin:wp_go_maps:4.1
-
cpe:2.3:a:codecabin:wp_go_maps:4.10
-
cpe:2.3:a:codecabin:wp_go_maps:4.11
-
cpe:2.3:a:codecabin:wp_go_maps:4.12
-
cpe:2.3:a:codecabin:wp_go_maps:4.13
-
cpe:2.3:a:codecabin:wp_go_maps:4.14
-
cpe:2.3:a:codecabin:wp_go_maps:4.15
-
cpe:2.3:a:codecabin:wp_go_maps:4.16
-
cpe:2.3:a:codecabin:wp_go_maps:4.17
-
cpe:2.3:a:codecabin:wp_go_maps:4.18
-
cpe:2.3:a:codecabin:wp_go_maps:4.19
-
cpe:2.3:a:codecabin:wp_go_maps:4.20
-
cpe:2.3:a:codecabin:wp_go_maps:4.21
-
cpe:2.3:a:codecabin:wp_go_maps:4.22
-
cpe:2.3:a:codecabin:wp_go_maps:4.3
-
cpe:2.3:a:codecabin:wp_go_maps:4.4
-
cpe:2.3:a:codecabin:wp_go_maps:4.5
-
cpe:2.3:a:codecabin:wp_go_maps:4.6
-
cpe:2.3:a:codecabin:wp_go_maps:4.7
-
cpe:2.3:a:codecabin:wp_go_maps:4.8
-
cpe:2.3:a:codecabin:wp_go_maps:4.9
-
cpe:2.3:a:codecabin:wp_go_maps:5.0
-
cpe:2.3:a:codecabin:wp_go_maps:5.01
-
cpe:2.3:a:codecabin:wp_go_maps:5.02
-
cpe:2.3:a:codecabin:wp_go_maps:5.03
-
cpe:2.3:a:codecabin:wp_go_maps:5.04
-
cpe:2.3:a:codecabin:wp_go_maps:5.05
-
cpe:2.3:a:codecabin:wp_go_maps:5.06
-
cpe:2.3:a:codecabin:wp_go_maps:5.07
-
cpe:2.3:a:codecabin:wp_go_maps:5.08
-
cpe:2.3:a:codecabin:wp_go_maps:5.09
-
cpe:2.3:a:codecabin:wp_go_maps:5.10
-
cpe:2.3:a:codecabin:wp_go_maps:5.11
-
cpe:2.3:a:codecabin:wp_go_maps:5.12
-
cpe:2.3:a:codecabin:wp_go_maps:5.13
-
cpe:2.3:a:codecabin:wp_go_maps:5.14
-
cpe:2.3:a:codecabin:wp_go_maps:5.15
-
cpe:2.3:a:codecabin:wp_go_maps:5.16
-
cpe:2.3:a:codecabin:wp_go_maps:5.17
-
cpe:2.3:a:codecabin:wp_go_maps:5.18
-
cpe:2.3:a:codecabin:wp_go_maps:5.19
-
cpe:2.3:a:codecabin:wp_go_maps:5.20
-
cpe:2.3:a:codecabin:wp_go_maps:5.21
-
cpe:2.3:a:codecabin:wp_go_maps:5.22
-
cpe:2.3:a:codecabin:wp_go_maps:5.23
-
cpe:2.3:a:codecabin:wp_go_maps:5.24
-
cpe:2.3:a:codecabin:wp_go_maps:5.25
-
cpe:2.3:a:codecabin:wp_go_maps:5.26
-
cpe:2.3:a:codecabin:wp_go_maps:5.27
-
cpe:2.3:a:codecabin:wp_go_maps:5.28
-
cpe:2.3:a:codecabin:wp_go_maps:5.29
-
cpe:2.3:a:codecabin:wp_go_maps:5.30
-
cpe:2.3:a:codecabin:wp_go_maps:5.31
-
cpe:2.3:a:codecabin:wp_go_maps:5.32
-
cpe:2.3:a:codecabin:wp_go_maps:5.33
-
cpe:2.3:a:codecabin:wp_go_maps:5.34
-
cpe:2.3:a:codecabin:wp_go_maps:5.35
-
cpe:2.3:a:codecabin:wp_go_maps:5.36
-
cpe:2.3:a:codecabin:wp_go_maps:5.37
-
cpe:2.3:a:codecabin:wp_go_maps:5.38
-
cpe:2.3:a:codecabin:wp_go_maps:5.39
-
cpe:2.3:a:codecabin:wp_go_maps:5.40
-
cpe:2.3:a:codecabin:wp_go_maps:5.41
-
cpe:2.3:a:codecabin:wp_go_maps:5.42
-
cpe:2.3:a:codecabin:wp_go_maps:5.43
-
cpe:2.3:a:codecabin:wp_go_maps:5.44
-
cpe:2.3:a:codecabin:wp_go_maps:5.45
-
cpe:2.3:a:codecabin:wp_go_maps:5.46
-
cpe:2.3:a:codecabin:wp_go_maps:5.47
-
cpe:2.3:a:codecabin:wp_go_maps:5.48
-
cpe:2.3:a:codecabin:wp_go_maps:5.49
-
cpe:2.3:a:codecabin:wp_go_maps:5.50
-
cpe:2.3:a:codecabin:wp_go_maps:5.51
-
cpe:2.3:a:codecabin:wp_go_maps:5.52
-
cpe:2.3:a:codecabin:wp_go_maps:5.53
-
cpe:2.3:a:codecabin:wp_go_maps:5.54
-
cpe:2.3:a:codecabin:wp_go_maps:5.55
-
cpe:2.3:a:codecabin:wp_go_maps:5.56
-
cpe:2.3:a:codecabin:wp_go_maps:5.57
-
cpe:2.3:a:codecabin:wp_go_maps:5.58
-
cpe:2.3:a:codecabin:wp_go_maps:5.59
-
cpe:2.3:a:codecabin:wp_go_maps:5.60
-
cpe:2.3:a:codecabin:wp_go_maps:5.61
-
cpe:2.3:a:codecabin:wp_go_maps:5.62
-
cpe:2.3:a:codecabin:wp_go_maps:5.63
-
cpe:2.3:a:codecabin:wp_go_maps:5.64
-
cpe:2.3:a:codecabin:wp_go_maps:5.65
-
cpe:2.3:a:codecabin:wp_go_maps:5.66
-
cpe:2.3:a:codecabin:wp_go_maps:5.67
-
cpe:2.3:a:codecabin:wp_go_maps:5.68
-
cpe:2.3:a:codecabin:wp_go_maps:5.69
-
cpe:2.3:a:codecabin:wp_go_maps:5.70
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.0
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.1
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.10
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.11
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.12
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.13
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.14
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.15
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.16
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.17
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.18
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.19
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.2
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.20
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.21
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.22
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.23
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.24
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.25
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.26
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.27
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.28
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.29
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.3
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.30
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.31
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.32
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.4
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.5
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.6
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.7
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.8
-
cpe:2.3:a:codecabin:wp_go_maps:6.0.9
-
cpe:2.3:a:codecabin:wp_go_maps:6.00
-
cpe:2.3:a:codecabin:wp_go_maps:6.01
-
cpe:2.3:a:codecabin:wp_go_maps:6.02
-
cpe:2.3:a:codecabin:wp_go_maps:6.03
-
cpe:2.3:a:codecabin:wp_go_maps:6.04
-
cpe:2.3:a:codecabin:wp_go_maps:6.05
-
cpe:2.3:a:codecabin:wp_go_maps:6.06
-
cpe:2.3:a:codecabin:wp_go_maps:6.07
-
cpe:2.3:a:codecabin:wp_go_maps:6.08
-
cpe:2.3:a:codecabin:wp_go_maps:6.09
-
cpe:2.3:a:codecabin:wp_go_maps:6.1.0
-
cpe:2.3:a:codecabin:wp_go_maps:6.1.1
-
cpe:2.3:a:codecabin:wp_go_maps:6.1.10
-
cpe:2.3:a:codecabin:wp_go_maps:6.1.2
-
cpe:2.3:a:codecabin:wp_go_maps:6.1.3
-
cpe:2.3:a:codecabin:wp_go_maps:6.1.4
-
cpe:2.3:a:codecabin:wp_go_maps:6.1.5
-
cpe:2.3:a:codecabin:wp_go_maps:6.1.6
-
cpe:2.3:a:codecabin:wp_go_maps:6.1.7
-
cpe:2.3:a:codecabin:wp_go_maps:6.1.8
-
cpe:2.3:a:codecabin:wp_go_maps:6.1.9
-
cpe:2.3:a:codecabin:wp_go_maps:6.10
-
cpe:2.3:a:codecabin:wp_go_maps:6.11
-
cpe:2.3:a:codecabin:wp_go_maps:6.12
-
cpe:2.3:a:codecabin:wp_go_maps:6.13
-
cpe:2.3:a:codecabin:wp_go_maps:6.14
-
cpe:2.3:a:codecabin:wp_go_maps:6.15
-
cpe:2.3:a:codecabin:wp_go_maps:6.16
-
cpe:2.3:a:codecabin:wp_go_maps:6.17
-
cpe:2.3:a:codecabin:wp_go_maps:6.18
-
cpe:2.3:a:codecabin:wp_go_maps:6.19
-
cpe:2.3:a:codecabin:wp_go_maps:6.2.0
-
cpe:2.3:a:codecabin:wp_go_maps:6.2.1
-
cpe:2.3:a:codecabin:wp_go_maps:6.2.2
-
cpe:2.3:a:codecabin:wp_go_maps:6.2.3
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.0
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.00
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.01
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.02
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.03
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.04
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.05
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.06
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.07
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.08
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.09
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.10
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.11
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.12
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.13
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.14
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.15
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.16
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.17
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.18
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.19
-
cpe:2.3:a:codecabin:wp_go_maps:6.3.20
-
cpe:2.3:a:codecabin:wp_go_maps:6.4.00
-
cpe:2.3:a:codecabin:wp_go_maps:6.4.01
-
cpe:2.3:a:codecabin:wp_go_maps:6.4.02
-
cpe:2.3:a:codecabin:wp_go_maps:6.4.03
-
cpe:2.3:a:codecabin:wp_go_maps:6.4.04
-
cpe:2.3:a:codecabin:wp_go_maps:6.4.05
-
cpe:2.3:a:codecabin:wp_go_maps:6.4.06
-
cpe:2.3:a:codecabin:wp_go_maps:6.4.07
-
cpe:2.3:a:codecabin:wp_go_maps:6.4.08
-
cpe:2.3:a:codecabin:wp_go_maps:6.4.09
-
cpe:2.3:a:codecabin:wp_go_maps:6.4.10
-
cpe:2.3:a:codecabin:wp_go_maps:6.4.11
-
cpe:2.3:a:codecabin:wp_go_maps:7.0.00
-
cpe:2.3:a:codecabin:wp_go_maps:7.0.01
-
cpe:2.3:a:codecabin:wp_go_maps:7.0.02
-
cpe:2.3:a:codecabin:wp_go_maps:7.0.03
-
cpe:2.3:a:codecabin:wp_go_maps:7.0.04
-
cpe:2.3:a:codecabin:wp_go_maps:7.0.05
-
cpe:2.3:a:codecabin:wp_go_maps:7.0.06
-
cpe:2.3:a:codecabin:wp_go_maps:7.00
-
cpe:2.3:a:codecabin:wp_go_maps:7.01
-
cpe:2.3:a:codecabin:wp_go_maps:7.02
-
cpe:2.3:a:codecabin:wp_go_maps:7.03
-
cpe:2.3:a:codecabin:wp_go_maps:7.04
-
cpe:2.3:a:codecabin:wp_go_maps:7.05
-
cpe:2.3:a:codecabin:wp_go_maps:7.06
-
cpe:2.3:a:codecabin:wp_go_maps:7.07
-
cpe:2.3:a:codecabin:wp_go_maps:7.08
-
cpe:2.3:a:codecabin:wp_go_maps:7.09
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.00
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.01
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.02
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.03
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.04
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.05
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.06
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.07
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.08
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.09
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.10
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.11
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.12
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.13
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.14
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.15
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.16
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.17
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.18
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.19
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.20
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.21
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.22
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.23
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.24
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.25
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.26
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.27
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.28
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.29
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.30
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.31
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.32
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.33
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.34
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.35
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.36
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.37
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.38
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.39
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.40
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.41
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.42
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.43
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.44
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.45
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.46
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.47
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.48
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.49
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.50
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.51
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.52
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.53
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.54
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.55
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.56
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.57
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.58
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.59
-
cpe:2.3:a:codecabin:wp_go_maps:7.10.60
-
cpe:2.3:a:codecabin:wp_go_maps:7.11.00
-
cpe:2.3:a:codecabin:wp_go_maps:7.11.01
-
cpe:2.3:a:codecabin:wp_go_maps:7.11.02
-
cpe:2.3:a:codecabin:wp_go_maps:7.11.03
-
cpe:2.3:a:codecabin:wp_go_maps:7.11.04
-
cpe:2.3:a:codecabin:wp_go_maps:7.11.05
-
cpe:2.3:a:codecabin:wp_go_maps:7.11.06
-
cpe:2.3:a:codecabin:wp_go_maps:7.11.07
-
cpe:2.3:a:codecabin:wp_go_maps:7.11.08
-
cpe:2.3:a:codecabin:wp_go_maps:7.11.09
-
cpe:2.3:a:codecabin:wp_go_maps:7.11.10
-
cpe:2.3:a:codecabin:wp_go_maps:7.11.11
-
cpe:2.3:a:codecabin:wp_go_maps:7.11.12
-
cpe:2.3:a:codecabin:wp_go_maps:7.11.13
-
cpe:2.3:a:codecabin:wp_go_maps:7.11.14
-
cpe:2.3:a:codecabin:wp_go_maps:7.11.15
-
cpe:2.3:a:codecabin:wp_go_maps:7.11.16
-
cpe:2.3:a:codecabin:wp_go_maps:7.11.17