🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

10Web Map Builder for Google Maps

Wordfence Intelligence > Vulnerability Database > WordPress Plugins > 10Web Map Builder for Google Maps

Information

Software Type	Plugin
Software Slug	wd-google-maps (view on wordpress.org)
Software Status	Removed
Software Author	10web
Software Website	10web.io
Software Downloads	502,171
Software Active Installs	9,000
Software Record Last Updated	April 16, 2024

7 Vulnerabilities

10Web Map Builder for Google Maps <= 1.0.74 - Authenticated (Administrator+) SQL Injection

9.1

CVE-2024-31116

Mar 29, 2024

Researcher: Muhammad Daffa

10Web Map Builder for Google Maps <= 1.0.73 - Missing Authorization to Notice Dismissal

4.3

CVE-2023-45272

Sep 13, 2023

Researcher: Abdi Pranata

10Web Map Builder for Google Maps <= 1.0.72 - Unauthenticated SQL Injection via Multiple Parameters

9.8

CVE-2023-0037

Feb 20, 2023

Researchers: Daniel Krohmer, Kunal Sharma

10Web Map Builder for Google Maps <= 1.0.72 - Unauthenticated SQL Injection

9.8

CVE ID Unknown

Jan 11, 2023

Researchers:

10WebMapBuilder <= 1.0.71 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

6.4

CVE-2022-4758

Dec 29, 2022

Researcher: István Márton

10Web Map Builder for Google Maps <= 1.0.69 - Authenticated Stored Cross-Site Scripting

6.4

CVE ID Unknown

Jun 14, 2021

Researcher: Vladislav Pokrovsky (ΞX.MI)

10WebMapBuilder <= 1.0.63 - Unauthenticated Stored Cross-Site Scripting via Plugin Settings Change

7.2

CVE ID Unknown

Feb 27, 2020

Researcher: Mikey Veenstra

Title	CVE ID	CVSS	Researchers	Date
10Web Map Builder for Google Maps <= 1.0.74 - Authenticated (Administrator+) SQL Injection	CVE-2024-31116	9.1	Muhammad Daffa	March 29, 2024
10Web Map Builder for Google Maps <= 1.0.73 - Missing Authorization to Notice Dismissal	CVE-2023-45272	4.3	Abdi Pranata	September 13, 2023
10Web Map Builder for Google Maps <= 1.0.72 - Unauthenticated SQL Injection via Multiple Parameters	CVE-2023-0037	9.8	Daniel Krohmer, Kunal Sharma	February 20, 2023
10Web Map Builder for Google Maps <= 1.0.72 - Unauthenticated SQL Injection		9.8		January 11, 2023
10WebMapBuilder <= 1.0.71 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode	CVE-2022-4758	6.4	István Márton	December 29, 2022
10Web Map Builder for Google Maps <= 1.0.69 - Authenticated Stored Cross-Site Scripting		6.4	Vladislav Pokrovsky (ΞX.MI)	June 14, 2021
10WebMapBuilder <= 1.0.63 - Unauthenticated Stored Cross-Site Scripting via Plugin Settings Change		7.2	Mikey Veenstra	February 27, 2020

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation