// For flags

CVE-2021-45729

WordPress WP Google Map plugin <= 1.8.0 - Privilege Escalation vulnerability

Severity Score

5.4
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The Privilege Escalation vulnerability discovered in the WP Google Map WordPress plugin (versions <= 1.8.0) allows authenticated low-role users to create, edit, and delete maps.

Se ha detectado una vulnerabilidad de escalada de privilegios en el plugin WP Google Map de WordPress (versiones anteriores a 1.8.0 incluyéndola) permite a usuarios autenticados de bajo rol crear, editar y eliminar mapas

*Credits: Vulnerability discovered by Nguyen Van Khanh (Patchstack Red Team)
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
Low
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
None
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-12-08 CVE Published
  • 2022-01-13 CVE Reserved
  • 2023-08-18 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-269: Improper Privilege Management
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Srmilon
Search vendor "Srmilon"
 Wp Google Map
Search vendor "Srmilon" for product "Wp Google Map"
 < 1.8.1
Search vendor "Srmilon" for product "Wp Google Map" and version " < 1.8.1"
wordpress
Affected