CVE-2026-2580 | flippercode WP Maps Plugin up to 4.9.1 on WordPress Parameter orderby sql injection (EUVD-2026-14335)

Inserito da Angelo Barbosa | Mar 23, 2026 | CVE

A vulnerability categorized as critical has been discovered in flippercode WP Maps Plugin up to 4.9.1 on WordPress. Affected is an unknown function of the component Parameter Handler. Such manipulation of the argument orderby leads to sql injection.

This vulnerability is uniquely identified as CVE-2026-2580. The attack can be launched remotely. No exploit exists.

It is advisable to upgrade the affected component.

CVE-2026-2580 | flippercode WP Maps Plugin up to 4.9.1 on WordPress Parameter orderby sql injection (EUVD-2026-14335)

Post correlati

CVE-2025-4681 | upKeeper Solutions upKeeper Instant Privilege Access up to 1.3.x privileges management

CVE-2024-52543 | Dell NativeEdge prior 2.1.0.0 temp file (dsa-2024-488)

CVE-2024-33582 | Lenovo Service Framework prior 2.5.0.218 uncontrolled search path

CVE-2024-36460 | Zabbix up to 5.0.42/6.0.30/6.4.15/7.0.0rc2 Front-end Audit Log credentials storage