cleantalk
Vulnerabilities and Security Researches

Ultimate Maps by Supsystic, 83d02d55e621b64b2ba6bfa94a1543a55d5b7a0f

CVE, Research URL

83d02d55e621b64b2ba6bfa94a1543a55d5b7a0f

Home page URL

Security reports for Ultimate Maps by Supsystic

Application

Ultimate Maps by Supsystic

Published on
Feb 08, 2021
Research Description
Ultimate Maps by Supsystic [ultimate-maps-by-supsystic] < 1.1.17 Ultimate Maps by Supsystic <= 1.1.16 - Authenticated SQL Injection The Ultimate Maps by Supsystic plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.1.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated-level attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Affected versions
max 1.1.17.
Status
vulnerable
Previous vulnerability researches
Wishlist and Compare for WooCommerce (ad09a648-3c34-4870-b156-097af4fd7a57) , Jun 16, 2026
Wishlist and Compare for WooCommerce (d16ff76f2758ae5cd2524881fb65080698c295c3) , Jun 07, 2024
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026