WordPress.org

Ready to get started?Download WordPress

Forums

Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps)
[resolved] SQL injection vulnerability? (4 posts)

  1. Dangthrimble
    Member
    Posted 1 year ago #

    I am in the process of creating a WordPress web site including using Leaflet Maps Marker which I really like. However, according to http://thesoulofdesign.com/2012/10/leaflet-maps-marker-sqli-vulnerable-wp-plugin.html, Leaflet Maps Marker is vulnerable to SQL injection. Can you advise whether this is a true vulnerability that I need to be concerned about? Thanks.

    http://wordpress.org/extend/plugins/leaflet-maps-marker/

  2. RobertHarm
    Member
    Plugin Author

    Posted 1 year ago #

    Hi,
    v2.2 of the plugin was audited by a security company and several issues were found which were all solves with v2.3. So this security warning is no longer valid and Maps Marker thus safe to use :-)
    regards,
    Robert

    PS: as I give support for free, I'd really appreciate a vote for my plugin on http://wordpress.org/extend/plugins/leaflet-maps-marker ;-)

  3. RobertHarm
    Member
    Plugin Author

    Posted 1 year ago #

    Hi again,
    checked the info page again - I am not sure to what the author is referring (the old security report or a new one). According to his description I dont see how my plugin should be used for this kind of attack - I will contact him for details on how to reproduce this (my guess is still that he references the old security issues which already have been fixed...)

  4. RobertHarm
    Member
    Plugin Author

    Posted 1 year ago #

    Hi,
    the author just updated the info on his website - as guessed he was referring to security issues which were found in v2.2 and fixed with v2.3.
    regards,
    Robert

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags