Lucene search
K

39 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:31 p.m.6 views

CVE-2023-4476

The Locatoraid Store Locator WordPress plugin before 3.9.24 does not sanitise and escape the lpr-search parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.1AI score0.0042EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/01 1:34 p.m.5 views

CVE-2025-62140

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in plainware Locatoraid Store Locator locatoraid allows Stored XSS.This issue affects Locatoraid Store Locator: from n/a through = 3.9.68...

5.9CVSS5.9AI score0.00186EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/31 1:24 p.m.4 views

CVE-2025-62140 WordPress Locatoraid Store Locator plugin <= 3.9.65 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Plainware Locatoraid Store Locator allows Stored XSS.This issue affects Locatoraid Store Locator: from n/a through 3.9.65...

5.9CVSS5.6AI score0.00186EPSS
Exploits0References1
CVE
CVE
added 2025/12/31 1:24 p.m.8 views

CVE-2025-62140

Technical details about CVE-2025-62140 (Locatoraid Store Locator XSS) are not provided in the connected documents; no affected versions, impact, or fixes are specified here. Monitor official advisories for updates and patches.

5.9CVSS5.9AI score0.00186EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/31 1:24 p.m.5 views

EUVD-2025-205966

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Plainware Locatoraid Store Locator allows Stored XSS.This issue affects Locatoraid Store Locator: from n/a through 3.9.65...

5.9CVSS5.5AI score0.00186EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/31 1:24 p.m.27 views

CVE-2025-62140 WordPress Locatoraid Store Locator plugin <= 3.9.68 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in plainware Locatoraid Store Locator locatoraid allows Stored XSS.This issue affects Locatoraid Store Locator: from n/a through = 3.9.68...

5.9CVSS0.00186EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/31 1:22 p.m.12 views

WordPress Locatoraid Store Locator plugin <= 3.9.67 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Zeeshan Haider in WordPress Plugin Locatoraid Store Locator versions = 3.9.67...

5.9CVSS5.3AI score0.00186EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-54331

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.0042EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-53080

Malicious code in bioql PyPI...

8.1CVSS8.7AI score0.00417EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-28114

Malicious code in bioql PyPI...

5.9CVSS8.6AI score0.00359EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-50075

Malicious code in bioql PyPI...

6.1CVSS6.5AI score0.00355EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 9:16 a.m.6 views

CVE-2024-30181

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Plainware Locatoraid Store Locator allows Stored XSS.This issue affects Locatoraid Store Locator: from n/a through 3.9.30...

5.9CVSS8.6AI score0.00359EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 9:10 a.m.4 views

CVE-2024-56283

Deserialization of Untrusted Data vulnerability in plainware Locatoraid Store Locator locatoraid allows Object Injection.This issue affects Locatoraid Store Locator: from n/a through = 3.9.50...

8.1CVSS7.2AI score0.00417EPSS
Exploits0References1
NVD
NVD
added 2025/01/07 11:15 a.m.7 views

CVE-2024-56283

Deserialization of Untrusted Data vulnerability in plainware Locatoraid Store Locator locatoraid allows Object Injection.This issue affects Locatoraid Store Locator: from n/a through = 3.9.50...

8.1CVSS0.00417EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/07 10:49 a.m.15 views

CVE-2024-56283 WordPress Locatoraid Store Locator Plugin <= 3.9.50 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in plainware Locatoraid Store Locator locatoraid allows Object Injection.This issue affects Locatoraid Store Locator: from n/a through = 3.9.50...

8.1CVSS0.00417EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/07 10:49 a.m.7 views

CVE-2024-56283 WordPress Locatoraid Store Locator Plugin <= 3.9.50 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in plainware.com Locatoraid Store Locator allows Object Injection.This issue affects Locatoraid Store Locator: from n/a through 3.9.50...

8.1CVSS6.9AI score0.00417EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/16 2:5 a.m.10 views

CVE-2024-9652 Locatoraid Store Locator <= 3.9.47 - Reflected Cross-Site Scripting

The Locatoraid Store Locator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $POST keys in all versions up to, and including, 3.9.47 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS6.4AI score0.00355EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/10/16 2:5 a.m.26 views

CVE-2024-9652 Locatoraid Store Locator <= 3.9.47 - Reflected Cross-Site Scripting

The Locatoraid Store Locator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $POST keys in all versions up to, and including, 3.9.47 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS0.00355EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/10/15 1:18 p.m.3 views

WordPress Locatoraid Store Locator plugin <= 3.9.47 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Locatoraid Store Locator versions = 3.9.47...

6.1CVSS6.3AI score0.00355EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.9 views

WordPress Locatoraid Store Locator Plugin <= 3.9.47 is vulnerable to Cross Site Scripting (XSS)

Software Locatoraid Store Locator Type Plugin Vulnerable versions = 3.9.47 Fixed in 3.9.48 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9652 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b0bf6a78a627 Credits vgo0...

6.1CVSS5.6AI score0.00355EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder