Lucene search
Nguy Minh Tuan (Patchstack Alliance)PATCHSTACK:E66B25462AE761C9FD5F5B968A9043A1HistorySep 28, 2022 - 12:00 a.m.
WordPress Store Locator plugin <= 1.4.5 - Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability
2022-09-2800:00:00
Nguy Minh Tuan (Patchstack Alliance)
patchstack.com
5
0.001 Low
EPSS
Percentile
21.0%
Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability was discovered by Nguy Minh Tuan (Patchstack Alliance) in the WordPress Store Locator plugin (versions <= 1.4.5).
Solution
Update the WordPress Store Locator WordPress plugin to the latest available version (at least 1.4.6).
| CPE | Name | Operator | Version |
|---|---|---|---|
| store locator wordpress | le | 1.4.5 |
Related
cve
cve
CVE-2022-41615
2022-11-18 23:15:25
cvelist
cvelist
prion
prion
Cross site request forgery (csrf)
2022-11-18 23:15:00
wpvulndb
wpvulndb
Store Locator < 1.4.6 - Stored XSS via CSRF
2022-09-28 00:00:00
nvd
nvd
CVE-2022-41615
2022-11-18 23:15:25