Vulnerability Details CVE-2014-8621
SQL injection vulnerability in the Store Locator plugin 2.3 through 3.11 for WordPress allows remote attackers to execute arbitrary SQL commands via the sl_custom_field parameter to sl-xml.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.025
EPSS Ranking 85.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Products affected by CVE-2014-8621
-
cpe:2.3:a:store_locator_project:store_locator:2.3
-
cpe:2.3:a:store_locator_project:store_locator:3.11