CVE-2026-3581

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions Basic Google Maps Placemarks versions prior to 1.10.8

Description The Basic Google Maps Placemarks plugin for WordPress contains an authorization bypass. The issue arises because the plugin fails to properly verify if a user is authorized to perform specific actions, allowing unauthenticated attackers to modify stored map latitude and longitude options.

Recommendations Update the plugin to a version later than 1.10.7.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2026-3581

Affected Products

Basic Google Maps Placemarks

CVE-2026-3581

Weakness Enumeration

Related Identifiers

Affected Products

References · 5