CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-1829

The Inline Google Maps WordPress plugin through 5.11 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 40.4%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.3

References

Products affected by CVE-2022-1829

Inline Google Maps Project » Inline Google Maps » Version: N/A

cpe:2.3:a:inline_google_maps_project:inline_google_maps:-
Inline Google Maps Project » Inline Google Maps » Version: 5.10

cpe:2.3:a:inline_google_maps_project:inline_google_maps:5.10
Inline Google Maps Project » Inline Google Maps » Version: 5.11

cpe:2.3:a:inline_google_maps_project:inline_google_maps:5.11
Inline Google Maps Project » Inline Google Maps » Version: 5.6

cpe:2.3:a:inline_google_maps_project:inline_google_maps:5.6
Inline Google Maps Project » Inline Google Maps » Version: 5.8

cpe:2.3:a:inline_google_maps_project:inline_google_maps:5.8
Inline Google Maps Project » Inline Google Maps » Version: 5.9

cpe:2.3:a:inline_google_maps_project:inline_google_maps:5.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-1829

Products

Pricing

Contact Us