Lucene search
+L

71 matches found

Vulnrichment
Vulnrichment
added 2025/01/07 10:49 a.m.7 views

CVE-2024-56283 WordPress Locatoraid Store Locator Plugin <= 3.9.50 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in plainware.com Locatoraid Store Locator allows Object Injection.This issue affects Locatoraid Store Locator: from n/a through 3.9.50...

8.1CVSS6.9AI score0.00417EPSS
Exploits0References1
CVE
CVE
added 2025/01/07 10:49 a.m.40 views

CVE-2024-56283

CVE-2024-56283 affects Locatoraid Store Locator (WordPress)

8.1CVSS7.2AI score0.00417EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/07 10:49 a.m.17 views

CVE-2024-56283 WordPress Locatoraid Store Locator Plugin <= 3.9.50 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in plainware Locatoraid Store Locator locatoraid allows Object Injection.This issue affects Locatoraid Store Locator: from n/a through = 3.9.50...

8.1CVSS0.00417EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/03 12:0 p.m.5 views

WordPress Locatoraid Store Locator Plugin <= 3.9.50 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Locatoraid Store Locator versions = 3.9.50...

8.1CVSS7.3AI score0.00417EPSS
Exploits0Affected Software1
NVD
NVD
added 2024/10/16 2:15 a.m.18 views

CVE-2024-9652

The Locatoraid Store Locator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $POST keys in all versions up to, and including, 3.9.47 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS0.00355EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/10/16 2:5 a.m.28 views

CVE-2024-9652 Locatoraid Store Locator <= 3.9.47 - Reflected Cross-Site Scripting

The Locatoraid Store Locator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $POST keys in all versions up to, and including, 3.9.47 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS0.00355EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/10/16 2:5 a.m.10 views

CVE-2024-9652 Locatoraid Store Locator <= 3.9.47 - Reflected Cross-Site Scripting

The Locatoraid Store Locator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $POST keys in all versions up to, and including, 3.9.47 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS6.4AI score0.00355EPSS
Exploits0References3
CVE
CVE
added 2024/10/16 2:5 a.m.48 views

CVE-2024-9652

CVE-2024-9652 affects Locatoraid Store Locator for WordPress. The vulnerability is a reflected XSS via POST parameters in all versions up to 3.9.47, caused by insufficient input sanitization and output escaping. Exploitation could allow unauthenticated attackers to inject scripts into pages that ...

6.1CVSS6.2AI score0.00355EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/10/15 1:18 p.m.3 views

WordPress Locatoraid Store Locator plugin <= 3.9.47 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Locatoraid Store Locator versions = 3.9.47...

6.1CVSS6.3AI score0.00355EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.9 views

WordPress Locatoraid Store Locator Plugin <= 3.9.47 is vulnerable to Cross Site Scripting (XSS)

Software Locatoraid Store Locator Type Plugin Vulnerable versions = 3.9.47 Fixed in 3.9.48 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9652 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b0bf6a78a627 Credits vgo0...

6.1CVSS5.6AI score0.00355EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/15 12:0 a.m.6 views

PT-2024-39740 · WordPress · Locatoraid Store Locator

Name of the Vulnerable Software and Affected Versions: Locatoraid Store Locator plugin for WordPress versions up to, and including, 3.9.47 Description: The issue is related to Reflected Cross-Site Scripting via $ POST keys due to insufficient input sanitization and output escaping. This allows...

6.1CVSS6.8AI score0.00355EPSS
Exploits0References7
WPVulnDB
WPVulnDB
added 2024/04/01 12:0 a.m.17 views

Locatoraid Store Locator < 3.9.31 - Authenticated (Administrator+) Stored Cross-Site Scripting

Description The Locatoraid Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.9.30 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

5.9CVSS5.9AI score0.00359EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/03/27 12:15 p.m.15 views

CVE-2024-30181

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Plainware Locatoraid Store Locator allows Stored XSS.This issue affects Locatoraid Store Locator: from n/a through 3.9.30...

5.9CVSS5.7AI score0.00359EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/27 11:39 a.m.14 views

CVE-2024-30181 WordPress Locatoraid Store Locator plugin <= 3.9.30 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Plainware Locatoraid Store Locator allows Stored XSS.This issue affects Locatoraid Store Locator: from n/a through 3.9.30...

5.9CVSS6.7AI score0.00359EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/27 11:39 a.m.34 views

CVE-2024-30181 WordPress Locatoraid Store Locator plugin <= 3.9.30 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Plainware Locatoraid Store Locator allows Stored XSS.This issue affects Locatoraid Store Locator: from n/a through 3.9.30...

5.9CVSS5.9AI score0.00359EPSS
Exploits0References1
CVE
CVE
added 2024/03/27 11:39 a.m.55 views

CVE-2024-30181

Technical details for CVE-2024-30181 are not provided in the connected documents. Public specifics (affected product/version, exploit info, remediation) are not available here. Monitor official advisories and vendor updates for new information.

5.9CVSS8.6AI score0.00359EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/27 12:0 a.m.10 views

PT-2024-23232 · Unknown · Locatoraid Store Locator

Name of the Vulnerable Software and Affected Versions: Locatoraid Store Locator versions through 3.9.30 Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. This means that an attacker can inject...

5.9CVSS8.8AI score0.00359EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.3 views

WordPress Plugin Locatoraid Store Locator 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

5.9CVSS7AI score0.00359EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/03/25 12:0 a.m.7 views

WordPress Locatoraid Store Locator Plugin <= 3.9.30 is vulnerable to Cross Site Scripting (XSS)

Software Locatoraid Store Locator Type Plugin Vulnerable versions = 3.9.30 Fixed in 3.9.31 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30181 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID f59c57fd908e Credits Joshua Chan Required...

5.9CVSS6.9AI score0.00359EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/09/25 4:15 p.m.18 views

CVE-2023-4476

The Locatoraid Store Locator WordPress plugin before 3.9.24 does not sanitise and escape the lpr-search parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6AI score0.0042EPSS
Exploits2References1
Rows per page
Query Builder