CVE-2023-5315
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2023-5315 is a vulnerability affecting the Google Maps made Simple plugin for WordPress. This issue allows authenticated attackers with subscriber-level and above permissions to inject SQL queries into the plugin's shortcode through insufficient escaping and inadequate query preparation. As a result, sensitive information from the database can be extracted. This vulnerability poses a significant risk to WordPress sites using the Google Maps made Simple plugin, particularly those running versions up to and including 0.6. It is crucial for site administrators to update the plugin to the latest version or consider removing it entirely to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.