← back
CVE-2019-10692

CVE-2019-10692

EPSS 78.7%
Vexday Risk Score
40Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS EPSS 78.7%KEV nãoPoC Nuclei simMetasploit simPatch
Lifecycle
02 Apr 2019Metasploit module available
02 Apr 2019Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
In the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT statement.
Affected products
n/a · n/a