EUVD-2025-8299

Malicious code in bioql PyPI...

CVE-2025-30919

Cross-Site Request Forgery CSRF vulnerability in Store Locator Widgets Store Locator Widget store-locator-widget allows Stored XSS.This issue affects Store Locator Widget: from n/a through = 2025r2...

WordPress Store Locator Widget plugin <= 2025r2 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Abdi Pranata in WordPress Plugin Store Locator Widget versions = 2025r2...

CVE-2025-30919

Cross-Site Request Forgery CSRF vulnerability in Store Locator Widgets Store Locator Widget store-locator-widget allows Stored XSS.This issue affects Store Locator Widget: from n/a through = 2025r2...

CVE-2025-30919

Cross-Site Request Forgery CSRF vulnerability in Store Locator Widgets Store Locator Widget store-locator-widget allows Stored XSS.This issue affects Store Locator Widget: from n/a through = 2025r2...

CVE-2025-30919 WordPress Store Locator Widget plugin <= 2025r2 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Store Locator Widgets Store Locator Widget store-locator-widget allows Stored XSS.This issue affects Store Locator Widget: from n/a through = 2025r2...

CVE-2025-30919

The CVE-2025-30919 entry concerns Store Locator Widget (WordPress) with a CSRF vulnerability that enables Stored XSS. Public records indicate affected versions are Store Locator Widget up to 2025r2, and a remediation/patch has been released (patched) to fix the issue. The vulnerability allows cro...

CVE-2025-30919 WordPress Store Locator Widget plugin <= 2025r2 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Store Locator Widgets Store Locator Widget store-locator-widget allows Stored XSS.This issue affects Store Locator Widget: from n/a through = 2025r2...

WordPress plugin Store Locator Widget 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

CVE-2024-13657 Store Locator Widget <= 2025r1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Store Locator Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'storelocatorwidget' shortcode in all versions up to, and including, 2025r1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...

WordPress plugin Store Locator Widget 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

PT-2025-7374 · WordPress · Store Locator Widget

Name of the Vulnerable Software and Affected Versions: Store Locator Widget plugin for WordPress versions up to, and including, 20200131 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'storelocatorwidget' shortcode due to insufficient input sanitization and outp...