A high priority update has been issued for the WP Google Maps WordPress plugin to address a vulnerability. This issue could allow a malicious hacker to take control of a website. Users of this plugin are highly recommended to update to the latest version. Failure to do so may expose your site to a SQL Injection attack.
WP Google Maps Plugin Vulnerability
The vulnerability was reported by the WPScan Vulnerability Database. It affects versions 7.11.00 through 7.11.17, making them susceptible to an Unauthenticated SQL Injection exploit.
A SQL Injection exploit could expose your database to an attacker who can then make changes to a WordPress website.
The WP Google Maps changelog lists the most recent update as high priority and describes the issue as a “potential REST API exploit.”
This is a screenshot from the Official WP Google Maps Plugin changelog. It indicates that this update is very important because it fixes a security issue.
How to Fix the WP Google Maps Plugin Vulnerability
It is prudent to log in to your WordPress installation, then proceed to your Plugins Page or your Updates page. If your WP Google Maps Plugin version is between 7.11.00 and 7.11.17, you need to update. Your WordPress Plugins or Updates screen will likely notify you if the plugin needs updating.
Why this WordPress Plugin Update is Important
The WP Google Maps plugin is a highly popular WordPress plugin that allows publishers to add a customized Google Map to any WordPress page or post. The plugin is used by over 400,000 publishers and businesses. This popularity makes it an attractive target for hackers.
