Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2026/06/13 6:0 a.m.7 views

CVE-2026-9061 Agile Store Locator < 1.6.9 - Admin+ Stored XSS via logo_name

The Store Locator WordPress plugin before 1.6.9 does not sanitize and escape store logo metadata before storing it and outputting it on the Store Locator WordPress plugin before 1.6.9 admin page, allowing high-privileged users such as administrators to perform Stored Cross-Site Scripting attacks...

5.2AI score0.00145EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/13 6:0 a.m.11 views

EUVD-2026-36643

The Store Locator WordPress plugin before 1.6.9 does not sanitize and escape store logo metadata before storing it and outputting it on the Store Locator WordPress plugin before 1.6.9 admin page, allowing high-privileged users such as administrators to perform Stored Cross-Site Scripting attacks...

5.3AI score0.00145EPSS
Exploits0References1
CVE
CVE
added 2026/06/13 6:0 a.m.20 views

CVE-2026-9061

CVE-2026-9061 affects the Store Locator WordPress plugin prior to 1.6.9. The description in the provided documents states that store logo metadata is not sanitized/escaped before storage and output on the admin page, allowing high-privilege users (e.g., administrators) to perform a Stored XSS att...

3.5CVSS5.3AI score0.00145EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/13 12:0 a.m.17 views

PT-2026-49079

Name of the Vulnerable Software and Affected Versions Store Locator WordPress plugin versions prior to 1.6.9 Description Insufficient sanitization and escaping of store logo metadata before it is stored and displayed on the admin page allows high-privileged users, such as administrators, to execu...

3.5CVSS5.4AI score0.00145EPSS
Exploits0References6
Rows per page
Query Builder