Lucene search
+L

10 matches found

cve
cve
added 6 days ago11 views

CVE-2026-15300

CVE-2026-15300 affects the GEO my WP WordPress plugin up to version 4.5.4. An SQL injection exists via the distance, lat, and lng parameters. Values are read from $_SERVER['QUERY_STRING'] with parse_str(), then passed through bare esc_sql() and interpolated into unquoted numeric positions in the ...

9.1CVSS6AI score0.00349EPSS
Exploits0References6
attackerkb
attackerkb
added 2026/05/30 9:28 a.m.10 views

CVE-2026-9757

The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlatlng' and 'nelatlng' parameters in all versions up to, and including, 4.5.5 The parameters are read from $SERVER'QUERYSTRING' via parsestr bypassing WordPress's wpmagicquotes protection, which only covers...

7.5CVSS5.8AI score0.00344EPSS
Exploits0References9
vulnrichment
vulnrichment
added 2026/05/30 9:28 a.m.11 views

CVE-2026-9757 GEO my WP <= 4.5.5 - Unauthenticated SQL Injection via 'swlatlng' / 'nelatlng' Parameters

The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlatlng' and 'nelatlng' parameters in all versions up to, and including, 4.5.5 The parameters are read from $SERVER'QUERYSTRING' via parsestr bypassing WordPress's wpmagicquotes protection, which only covers...

7.5CVSS5.8AI score0.00344EPSS
Exploits0References8
redhatcve
redhatcve
added 2025/05/23 10:28 a.m.13 views

CVE-2024-6330

The GEO my WP WordPress plugin before 4.5.0.2 does not prevent unauthenticated attackers from including arbitrary files in PHP's execution context, which leads to Remote Code Execution...

9.8CVSS7.5AI score0.02143EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/23 6:41 a.m.11 views

CVE-2024-9422

The GEO my WP WordPress plugin before 4.5, gmw-premium-settings WordPress plugin before 3.1 does not sufficiently validate files to be uploaded, which could allow attackers to upload arbitrary files such as PHP on the server...

6.6CVSS7AI score0.00733EPSS
Exploits1References1
osv
osv
added 2024/11/22 6:15 a.m.4 views

CVE-2024-9422

The GEO my WP WordPress plugin before 4.5, gmw-premium-settings WordPress plugin before 3.1 does not sufficiently validate files to be uploaded, which could allow attackers to upload arbitrary files such as PHP on the server...

6.6CVSS5.9AI score0.00733EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2024/10/06 11:5 a.m.11 views

CVE-2024-47327 WordPress GEO my WP plugin <= 4.5.0.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Eyal Fitoussi GEO my WordPress allows Reflected XSS.This issue affects GEO my WordPress: from n/a through 4.5.0.3...

7.1CVSS6.9AI score0.00302EPSS
Exploits0References1
cvelist
cvelist
added 2024/10/06 11:5 a.m.20 views

CVE-2024-47327 WordPress GEO my WP plugin <= 4.5.0.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Eyal Fitoussi GEO my WordPress geo-my-wp allows Reflected XSS.This issue affects GEO my WordPress: from n/a through = 4.5.0.3...

7.1CVSS0.00302EPSS
Exploits0References1
cve
cve
added 2024/08/19 6:0 a.m.79 views

CVE-2024-6330

The CVE-2024-6330 entry concerns GEO my WP WordPress plugin prior to version 4.5.0.2. The vulnerability is an unauthenticated Local File Inclusion that allows attackers to cause Remote Code Execution by including arbitrary files in PHP’s execution context. Affected software is specifically GEO my...

9.8CVSS7.2AI score0.02143EPSS
Exploits1References1Affected Software1
ptsecurity
ptsecurity
added 2024/08/18 12:0 a.m.12 views

PT-2024-37545 · WordPress · Geo My Wp

Name of the Vulnerable Software and Affected Versions: GEO my WP WordPress plugin versions prior to 4.5.0.2 Description: The issue allows unauthenticated attackers to include arbitrary files in PHP's execution context, leading to Remote Code Execution. This can be exploited by including malicious...

9.8CVSS8.6AI score0.02143EPSS
Exploits1References10
Rows per page
Query Builder