High severity8.3NVD Advisory· Published Oct 16, 2024· Updated Jun 16, 2026
CVE-2012-10018
CVE-2012-10018
Description
The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery in versions up to, and including 6.1, 1.0 respectively. This makes it possible for attackers to forgery requests coming from a vulnerable site's server and ultimately perform an XSS attack if requesting an SVG file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- Range: <=1.0
- sekler/Mapplic - Custom Interactive Map WordPress Pluginv5Range: 0
- sekler/Mapplic Litev5Range: 0
Patches
Vulnerability mechanics
References
5- plugins.trac.wordpress.org/changeset/2503447nvdPatch
- packetstormsecurity.com/files/161919/nvdExploitThird Party Advisory
- packetstormsecurity.com/files/161920/nvdExploitThird Party Advisory
- www.wordfence.com/threat-intel/vulnerabilities/id/5aacabb5-94af-485a-af24-e84db3e3726fnvdThird Party Advisory
- www.mapplic.com/docs/nvdRelease Notes
News mentions
0No linked articles in our index yet.