CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

39 matches found

RedhatCVE•added 2026/01/09 12:31 p.m.•3 views

CVE-2023-4476

The Locatoraid Store Locator WordPress plugin before 3.9.24 does not sanitise and escape the lpr-search parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.1AI score0.0042EPSS

Exploits2References1

RedhatCVE•added 2026/01/01 1:34 p.m.•3 views

CVE-2025-62140

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in plainware Locatoraid Store Locator locatoraid allows Stored XSS.This issue affects Locatoraid Store Locator: from n/a through = 3.9.68...

5.9CVSS5.9AI score0.00186EPSS

Exploits0References1

CVE•added 2025/12/31 1:24 p.m.•5 views

CVE-2025-62140

Technical details about CVE-2025-62140 (Locatoraid Store Locator XSS) are not provided in the connected documents; no affected versions, impact, or fixes are specified here. Monitor official advisories for updates and patches.

5.9CVSS5.9AI score0.00186EPSS

Exploits0References1

Cvelist•added 2025/12/31 1:24 p.m.•23 views

CVE-2025-62140 WordPress Locatoraid Store Locator plugin <= 3.9.68 - Cross Site Scripting (XSS) vulnerability

5.9CVSS0.00186EPSS

Exploits0References1

EUVD•added 2025/12/31 1:24 p.m.•2 views

EUVD-2025-205966

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Plainware Locatoraid Store Locator allows Stored XSS.This issue affects Locatoraid Store Locator: from n/a through 3.9.65...

5.9CVSS5.5AI score0.00186EPSS

Exploits0References2

Vulnrichment•added 2025/12/31 1:24 p.m.•3 views

CVE-2025-62140 WordPress Locatoraid Store Locator plugin <= 3.9.65 - Cross Site Scripting (XSS) vulnerability

5.9CVSS5.6AI score0.00186EPSS

Exploits0References1

Patchstack•added 2025/12/31 1:22 p.m.•8 views

WordPress Locatoraid Store Locator plugin <= 3.9.67 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Zeeshan Haider in WordPress Plugin Locatoraid Store Locator versions = 3.9.67...

5.9CVSS5.3AI score0.00186EPSS

Exploits0Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-54331

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.0042EPSS

Exploits2References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-53080

Malicious code in bioql PyPI...

8.1CVSS8.7AI score0.0041EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-50075

Malicious code in bioql PyPI...

6.1CVSS6.5AI score0.00355EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-28114

Malicious code in bioql PyPI...

5.9CVSS8.6AI score0.00359EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 9:16 a.m.•3 views

CVE-2024-30181

5.9CVSS8.6AI score0.00359EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 9:10 a.m.•3 views

CVE-2024-56283

Deserialization of Untrusted Data vulnerability in plainware Locatoraid Store Locator locatoraid allows Object Injection.This issue affects Locatoraid Store Locator: from n/a through = 3.9.50...

8.1CVSS7.2AI score0.0041EPSS

Exploits0References1

NVD•added 2025/01/07 11:15 a.m.•5 views

CVE-2024-56283

Deserialization of Untrusted Data vulnerability in plainware Locatoraid Store Locator locatoraid allows Object Injection.This issue affects Locatoraid Store Locator: from n/a through = 3.9.50...

8.1CVSS0.0041EPSS

Exploits0References1

Cvelist•added 2025/01/07 10:49 a.m.•14 views

CVE-2024-56283 WordPress Locatoraid Store Locator Plugin <= 3.9.50 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in plainware Locatoraid Store Locator locatoraid allows Object Injection.This issue affects Locatoraid Store Locator: from n/a through = 3.9.50...

8.1CVSS0.0041EPSS

Exploits0References1

Vulnrichment•added 2025/01/07 10:49 a.m.•7 views

CVE-2024-56283 WordPress Locatoraid Store Locator Plugin <= 3.9.50 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in plainware.com Locatoraid Store Locator allows Object Injection.This issue affects Locatoraid Store Locator: from n/a through 3.9.50...

8.1CVSS6.9AI score0.0041EPSS

Exploits0References1

Cvelist•added 2024/10/16 2:5 a.m.•22 views

CVE-2024-9652 Locatoraid Store Locator <= 3.9.47 - Reflected Cross-Site Scripting

The Locatoraid Store Locator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $POST keys in all versions up to, and including, 3.9.47 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS0.00355EPSS

Exploits0References3

Vulnrichment•added 2024/10/16 2:5 a.m.•9 views

CVE-2024-9652 Locatoraid Store Locator <= 3.9.47 - Reflected Cross-Site Scripting

6.1CVSS6.4AI score0.00355EPSS

Exploits0References3

Patchstack•added 2024/10/15 1:18 p.m.•1 views

WordPress Locatoraid Store Locator plugin <= 3.9.47 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Locatoraid Store Locator versions = 3.9.47...

6.1CVSS6.3AI score0.00355EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2024/10/15 12:0 a.m.•3 views

PT-2024-39740 · WordPress · Locatoraid Store Locator

Name of the Vulnerable Software and Affected Versions: Locatoraid Store Locator plugin for WordPress versions up to, and including, 3.9.47 Description: The issue is related to Reflected Cross-Site Scripting via $ POST keys due to insufficient input sanitization and output escaping. This allows...

6.1CVSS6.8AI score0.00355EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by