19 matches found
EUVD-2025-15313
Malicious code in bioql PyPI...
WordPress JSP Store Locator plugin <= 1.0 - Deletion via Missing CSRF vulnerability
Deletion via Missing CSRF vulnerability discovered by Bob Matyas in WordPress Plugin JSP Store Locator versions = 1.0...
CVE-2024-12301
The JSP Store Locator WordPress plugin through 1.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
CVE-2024-11267
The JSP Store Locator WordPress plugin through 1.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing user with Contributor to perform SQL injection attacks...
CVE-2024-12301
The JSP Store Locator WordPress plugin through 1.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
CVE-2024-12301
The JSP Store Locator WordPress plugin through 1.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
CVE-2024-12301
CVE-2024-12301 involves the JSP Store Locator WordPress plugin (
CVE-2024-12301 JSP Store Locator <= 1.0 - Deletion via Missing CSRF
The JSP Store Locator WordPress plugin through 1.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
CVE-2024-12301 JSP Store Locator <= 1.0 - Deletion via Missing CSRF
The JSP Store Locator WordPress plugin through 1.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
CVE-2024-11267 JSP Store Locator <= 1.0 - Contributor+ SQL Injection
The JSP Store Locator WordPress plugin through 1.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing user with Contributor to perform SQL injection attacks...
CVE-2024-11267 JSP Store Locator <= 1.0 - Contributor+ SQL Injection
The JSP Store Locator WordPress plugin through 1.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing user with Contributor to perform SQL injection attacks...
CVE-2024-11267
CVE-2024-11267 concerns the JSP Store Locator WordPress plugin (versions up to 1.0) where an input parameter is not sanitized/escaped before being used in a SQL statement, enabling a user with Contributor privileges to perform SQL injection. The vulnerability is documented across multiple sources...
PT-2025-21418
Name of the Vulnerable Software and Affected Versions: JSP Store Locator WordPress plugin versions 1.0 and earlier Description: The issue allows users with Contributor access to perform SQL injection attacks due to the lack of sanitization and escaping of a parameter before its use in a SQL...
PT-2025-21427 · WordPress · Jsp Store Locator
Name of the Vulnerable Software and Affected Versions: JSP Store Locator WordPress plugin versions 1.0 and earlier Description: The issue is related to the lack of CSRF checks in some areas of the plugin, which could allow attackers to make logged-in users perform unwanted actions via CSRF attack...
WordPress plugin JSP Store Locator 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
Joomla JSP Store Locator 2.2 Component - id Parameter SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component JSP Store Locator v2.2 - SQL Injection Google Dork: inurl:index.php?option=comjsplocation Date: 15.02.2017 Vendor Homepage: http://joomlaserviceprovider.com Software Buy:...
Joomla JSP Store Locator 2.2 SQL Injection
Exploit Title: Joomla! Component JSP Store Locator v2.2 - SQL Injection Google Dork: inurl:index.php?option=comjsplocation Date: 15.02.2017 Vendor Homepage: http://joomlaserviceprovider.com Software Buy: https://extensions.joomla.org/extensions/extension/maps-a-weather/maps-a-locations/jsplocatio...
Joomla! Component JSP Store Locator 2.2 - id SQL Injection
Joomla! Component JSP Store Locator 2.2 - id SQL Injection Exploit Title: Joomla! Component JSP Store Locator v2.2 - SQL Injection Google Dork: inurl:index.php?option=comjsplocation Date: 15.02.2017 Vendor Homepage: http://joomlaserviceprovider.com Software Buy:...
Joomla! Component JSP Store Locator 2.2 - 'id' SQL Injection
Exploit Title: Joomla! Component JSP Store Locator v2.2 - SQL Injection Google Dork: inurl:index.php?option=comjsplocation Date: 15.02.2017 Vendor Homepage: http://joomlaserviceprovider.com Software Buy: https://extensions.joomla.org/extensions/extension/maps-a-weather/maps-a-locations/jsplocatio...