VYPR
Medium severity5.7NVD Advisory· Published Feb 28, 2022· Updated Jun 17, 2026No known patch

CVE-2021-25011

CVE-2021-25011

Description

The Maps Plugin using Google Maps for WordPress plugin before 1.8.1 does not have proper authorisation and CSRF in most of its AJAX actions, which could allow any authenticated users, such as subscriber to delete arbitrary posts and update the plugin's settings.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.