What is CVE-2023-0037?

CVE-2023-0037 is a vulnerability in 10web Map Builder For Google Maps, classified under CWE-89 SQL INJECTION. Published 2023-03-13.

Is CVE-2023-0037 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in 10web Map Builder For Google Maps

CVE-2023-0037

The 10Web Map Builder for Google Maps WordPress plugin before 1.0.73 does not properly sanitise and escape some parameters before using them in an SQL statement via an AJAX action available to unauthenticated users, leading to a SQL inject…

EPSS: 0.617 (98.4th percentile) — read the EPSS interpretation.

Affected products

Unknown 10web Map Builder For Google Maps — versions 0

Public proof-of-concept exploits

20142995/nuclei-templates
ARPSyndicate/cve-scores

References

wpscan.com/vulnerability/33ab1fe2-6611-4f43-91ba-52c56f02ed56 (exploit, vdb-entry, technical-description)
bulletin.iese.de/post/wd-google-maps_1-0-72_1

Frequently asked questions

What is CVE-2023-0037?: CVE-2023-0037 is a vulnerability in 10web Map Builder For Google Maps, classified under CWE-89 SQL INJECTION. Published 2023-03-13.
Is CVE-2023-0037 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.