The Maps Plugin using Google Maps for WordPress plugin before 1.8.4 does not have CSRF checks in most of its AJAX actions, which could allow attackers to make logged in admins delete arbitrary posts and update the plugin's settings via a CSRF attack
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2022-02-28T09:06:35

Updated: 2024-08-03T19:56:10.996Z

Reserved: 2021-01-14T00:00:00

Link: CVE-2021-25081

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-02-28T09:15:08.627

Modified: 2024-11-21T05:54:18.860

Link: CVE-2021-25081

cve-icon Redhat

No data.