11 matches found
EUVD-2025-9153
Malicious code in bioql PyPI...
EUVD-2025-8147
Malicious code in bioql PyPI...
CVE-2025-31888
Cross-Site Request Forgery CSRF vulnerability in WPExperts.io WP Multistore Locator wp-multi-store-locator allows Cross Site Request Forgery.This issue affects WP Multistore Locator: from n/a through = 2.5.2...
CVE-2025-31888
Cross-Site Request Forgery CSRF vulnerability in WPExperts.io WP Multistore Locator wp-multi-store-locator allows Cross Site Request Forgery.This issue affects WP Multistore Locator: from n/a through = 2.5.2...
CVE-2025-31888
CVE-2025-31888 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin WP Multistore Locator (versions up to 2.5.2). The issue allows CSRF, affecting the plugin on vulnerable installations, with a CVSS v3.1 base score of 4.3 (Medium) and impact limited to integrity (Lo...
PT-2025-14264 · WordPress · Wp Multi Store Locator
Name of the Vulnerable Software and Affected Versions: WP Multistore Locator versions n/a through 2.5.2 Description: A Cross-Site Request Forgery CSRF issue allows unauthorized actions to be performed on behalf of a user. This can lead to various security problems, including data modification or...
CVE-2025-28898
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPExperts.io WP Multistore Locator wp-multi-store-locator allows SQL Injection.This issue affects WP Multistore Locator: from n/a through = 2.5.2...
CVE-2025-28898
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPExperts.io WP Multistore Locator wp-multi-store-locator allows SQL Injection.This issue affects WP Multistore Locator: from n/a through = 2.5.2...
CVE-2025-28898 WordPress WP Multistore Locator plugin <= 2.5.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPExperts.io WP Multistore Locator wp-multi-store-locator allows SQL Injection.This issue affects WP Multistore Locator: from n/a through = 2.5.2...
CVE-2025-28898
CVE-2025-28898 affects WP Multistore Locator (up to 2.5.2). It is an unauthenticated SQL Injection caused by improper input neutralization. Documented impact includes data access via SQL injection; no exploits or patch/version fix details are provided in the connected sources. Monitor for updates...
CVE-2025-28898 WordPress WP Multistore Locator plugin <= 2.5.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPExperts.io WP Multistore Locator wp-multi-store-locator allows SQL Injection.This issue affects WP Multistore Locator: from n/a through = 2.5.2...