CVE-2025-24742

Name of the Vulnerable Software and Affected Versions WP Go Maps versions prior to 9.0.41

Description The issue is a Cross-Site Request Forgery (CSRF) vulnerability in WP Go Maps, formerly known as WP Google Maps. This vulnerability allows an attacker to trick a user into performing unintended actions on a web application that the user is authenticated to.

Recommendations For versions prior to 9.0.41, update to version 9.0.41 or later to resolve the issue. As a temporary workaround, consider implementing additional security measures such as validating user requests and ensuring that all state-changing actions require a token that is verified by the server to prevent CSRF attacks.