Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2023-46124
HistoryMay 27, 2023 - 12:00 a.m.

WordPress Store Locator for WordPress with Google Maps - LotsOfLocales plugin cross-site request forgery vulnerability

2023-05-2700:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
wordpress
store locator
cross-site request forgery
google maps
lotsoflocales
php
mysql

0.001 Low

EPSS

Percentile

27.6%

JSON

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. Cross-site request forgery vulnerability exists in WordPress Store Locator for WordPress with Google Maps - LotsOfLocales plugin version 3.98.7 and earlier versions. The vulnerability stems from a web application that does not adequately validate that a request is coming from a trusted user. An attacker can use this vulnerability to spoof malicious requests to trick victims into clicking on them to perform sensitive actions.

Related

cvelist 1
cve 1
prion 1
wpvulndb 1
nvd 1
cvelist
cvelist
CVE-2022-47446 WordPress Store Locator Plugin <= 3.98.7 is vulnerable to Cross Site Request Forgery (CSRF)
2023-05-24 16:05:31
cve
cve
CVE-2022-47446
2023-05-24 17:15:09
prion
prion
Cross site request forgery (csrf)
2023-05-24 17:15:00
wpvulndb
wpvulndb
Store Locator <= 3.98.7 - Settings Update via CSRF
2023-05-24 00:00:00
nvd
nvd
CVE-2022-47446
2023-05-24 17:15:09

0.001 Low

EPSS

Percentile

27.6%

JSON
Related for CNVD-2023-46124
cvelist1cve1prion1wpvulndb1nvd1