CVE-2022-29453: WordPress API KEY for Google Maps plugin <= 1.2.1 - CSRF vulnerability leading to Google Maps API key update
First published: Wed Jun 15 2022(Updated: )
Cross-Site Request Forgery (CSRF) vulnerability in API KEY for Google Maps plugin <= 1.2.1 at WordPress leading to Google Maps API key update.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ayecode Api Key For Google Maps | <=1.2.1 |
Remedy
Update to 1.2.2 or higher version.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-29453?
CVE-2022-29453 is a Cross-Site Request Forgery (CSRF) vulnerability in the API KEY for Google Maps plugin <= 1.2.1 at WordPress leading to Google Maps API key update.
How severe is CVE-2022-29453?
CVE-2022-29453 has a severity rating of medium with a CVSS score of 4.3.
Which software versions are affected by CVE-2022-29453?
API KEY for Google Maps plugin versions up to and including 1.2.1 on WordPress are affected by CVE-2022-29453.
How can CVE-2022-29453 be exploited?
CVE-2022-29453 can be exploited through Cross-Site Request Forgery (CSRF) attacks, allowing an attacker to update the Google Maps API key.
Is there a fix for CVE-2022-29453?
Yes, a fix for CVE-2022-29453 is available. Update API KEY for Google Maps plugin to version 1.2.2 or later.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- agent/title
- agent/remedy
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- vendor/ayecode
- canonical/ayecode api key for google maps
- version/ayecode api key for google maps/1.2.1