CVE-2025-67516

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Agile Logix Store Locator WordPress agile-store-locator allows Blind SQL Injection.This issue affects Store Locator WordPress: from n/a through = 1.6.2...

EUVD-2025-202128

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Agile Logix Store Locator WordPress agile-store-locator allows Blind SQL Injection.This issue affects Store Locator WordPress: from n/a through = 1.6.2...

EUVD-2025-17244

Malicious code in bioql PyPI...

EUVD-2023-55618

Malicious code in bioql PyPI...

CVE-2025-49329

Unrestricted Upload of File with Dangerous Type vulnerability in Agile Logix Store Locator WordPress agile-store-locator allows Upload a Web Shell to a Web Server.This issue affects Store Locator WordPress: from n/a through = 1.5.2...

CVE-2025-49329

CVE-2025-49329 describes an unrestricted file upload vulnerability in the Agile Logix Store Locator WordPress plugin. The root cause is uploading files with dangerous types, enabling a potential web shell to be written to the server. Affected: Store Locator WordPress from any initial version up t...

CVE-2025-49328

CVE-2025-49328 affects Store Locator WordPress (Agile Logix Store Locator Plugin). Description confirms an SQL Injection vulnerability due to improper input handling in Store Locator WordPress versions up to 1.5.1. Red Hat and Wordfence entries corroborate: exploitation requires authenticated acc...

CVE-2024-11267

The JSP Store Locator WordPress plugin through 1.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing user with Contributor to perform SQL injection attacks...

CVE-2023-4151 Store Locator WordPress < 1.4.13 - Reflected XSS

The Store Locator WordPress plugin before 1.4.13 does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2022-4832 Store Locator WordPress < 1.4.9 - Contributor+ Stored XSS via Shortcode

The Store Locator WordPress plugin before 1.4.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privileg...