CVE-2014-8621
The CVE-2014-8621 issue affects the WordPress Store Locator plugin versions 2.3–3.11, where an SQL injection vulnerability exists in the sl-xml.php endpoint via the sl_custom_field parameter. The underlying flaw allows remote attackers to execute arbitrary SQL commands, as indicated by multiple s...