3 matches found
CVE-2026-3361
The WP Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpsladdress' post meta value in versions up to, and including, 2.2.261 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2009-4948
Cross-site scripting XSS vulnerability in the Store Locator extension before 1.2.8 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2023-41507
Super Store Finder v3.6 was discovered to contain multiple SQL injection vulnerabilities in the store locator component via the products, distance, lat, and lng parameters...