cleantalk
Vulnerabilities and Security Researches

MapPress Maps for WordPress, CVE-2020-12077

CVE, Research URL

CVE-2020-12077

Home page URL

Security reports for MapPress Maps for WordPress

Application

MapPress Maps for WordPress

Published on
Apr 23, 2020
Research Description
The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPress does not correctly implement AJAX functions with nonces (or capability checks), leading to remote code execution.
Affected versions
Min -, max 2.53.9.
Status
vulnerable
Previous vulnerability researches
MapPress Maps for WordPress (CVE-2025-2055) , Apr 05, 2025
MapPress Maps for WordPress (CVE-2025-2162) , Apr 23, 2025
MapPress Maps for WordPress (CVE-2024-10715) , Nov 07, 2024
MapPress Maps for WordPress (CVE-2020-12675) , Jun 07, 2024
MapPress Maps for WordPress (CVE-2022-0537) , Jun 07, 2024
New vulnerability
Formality (CVE-2025-3858) , May 20, 2025
PowerPress Podcasting plugin by Blubrry (CVE-2024-9227) , May 19, 2025
Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNC (CVE-2024-9450) , May 19, 2025
PWA for WP & AMP (CVE-2024-7759) , May 19, 2025
Badgearoo (CVE-2025-1033) , May 19, 2025