Super Store Finder Security Vulnerabilities
Super Store Finder 3.7 and below is vulnerable to authenticated Arbitrary PHP Code Injection that could lead to Remote Code Execution when settings overwrite config.inc.php...
8.8CVSS
8.9AI Score
0.003EPSS
Super Store Finder v3.6 and below was discovered to contain a SQL injection vulnerability via the Search parameter at...
7.2CVSS
7.2AI Score
0.001EPSS
The Super Store Finder plugin for WordPress is vulnerable to unauthenticated arbitrary email creation and relay in versions up to, and including, 6.9.3. This is due to insufficient restrictions on the sendMail.php file that allows direct access. This makes it possible for unauthenticated attackers....
5.8CVSS
5.5AI Score
0.001EPSS
Super Store Finder v3.6 was discovered to contain multiple SQL injection vulnerabilities in the store locator component via the products, distance, lat, and lng...
9.8CVSS
9.9AI Score
0.001EPSS
A hard coded password in Super Store Finder v3.6 allows attackers to access the administration...
9.8CVSS
9.3AI Score
0.001EPSS
A vulnerability was found in Super Store Finder 3.6. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php of the component POST Parameter Handler. The manipulation of the argument products leads to sql injection. The attack can be...
9.8CVSS
9.6AI Score
0.001EPSS