CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-11267

The JSP Store Locator WordPress plugin through 1.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing user with Contributor to perform SQL injection attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 10.8%

CVSS Severity

CVSS v3 Score 8.8

References

https://wpscan.com/vulnerability/fcbdc11a-a194-46e4-8c22-11010b98fdab/
https://wpscan.com/vulnerability/fcbdc11a-a194-46e4-8c22-11010b98fdab/

Products affected by CVE-2024-11267

Joomlaserviceprovider » Jsp Store Locator » Version: Any

cpe:2.3:a:joomlaserviceprovider:jsp_store_locator:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-11267

Products

Pricing

Contact Us