Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
Basic Google Maps Placemarks Plugin for WordPress Allows Unauthorized Map Changes
CVE-2026-3581
Summary
Versions of the Basic Google Maps Placemarks plugin for WordPress up to 1.10.7 are vulnerable to unauthorized changes to maps. This means anyone can modify map settings without permission. To fix this, update the plugin to a version higher than 1.10.7.
Original title
The Basic Google Maps Placemarks plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.10.7. This is due to the plugin not properly verifying that a user is...
Original description
The Basic Google Maps Placemarks plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.10.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to modify stored map latitude and longitude options.
nvd CVSS3.1
5.3
Vulnerability type
CWE-862
Missing Authorization
Published: 16 Apr 2026 · Updated: 16 Apr 2026 · First seen: 16 Apr 2026