CVE-2022-29453

Description

Cross-Site Request Forgery (CSRF) vulnerability in API KEY for Google Maps plugin <= 1.2.1 at WordPress leading to Google Maps API key update.

Related CPE's

aayecodeapi_key_for_google_maps*****wordpress**

References

https://patchstack.com/database/vulnerability/api-key-for-google-maps/wordpress-api-key-for-google-maps-plugin-1-2-1-csrf-vulnerability-leading-to-google-maps-api-key-update

Third Party Advisory

https://wordpress.org/plugins/api-key-for-google-maps/#developers

Release NotesThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

AccessComplexity

MEDIUM

ConfidentialityImpact

NONE

AvailabilityImpact

NONE

IntegrityImpact

PARTIAL

BaseScore

4.300000190734863

VectorString

AV:N/AC:M/Au:N/C:N/I:P/A:N

Version

2.0

AccessVector

NETWORK

Authentication

NONE

Created by Yello
About Severity.io