Vulnerabilities > Superstorefinder > Super Store Finder
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-02 | CVE-2023-43835 | Injection vulnerability in Superstorefinder Super Store Finder Super Store Finder 3.7 and below is vulnerable to authenticated Arbitrary PHP Code Injection that could lead to Remote Code Execution when settings overwrite config.inc.php content. | 8.8 |
2023-09-27 | CVE-2023-44044 | SQL Injection vulnerability in Superstorefinder Super Store Finder Super Store Finder v3.6 and below was discovered to contain a SQL injection vulnerability via the Search parameter at /admin/stores.php. | 7.2 |
2023-09-19 | CVE-2023-5054 | Unspecified vulnerability in Superstorefinder Super Store Finder The Super Store Finder plugin for WordPress is vulnerable to unauthenticated arbitrary email creation and relay in versions up to, and including, 6.9.3. | 5.3 |
2023-09-05 | CVE-2023-41507 | SQL Injection vulnerability in Superstorefinder Super Store Finder 3.6 Super Store Finder v3.6 was discovered to contain multiple SQL injection vulnerabilities in the store locator component via the products, distance, lat, and lng parameters. | 9.8 |
2023-09-05 | CVE-2023-41508 | Use of Hard-coded Credentials vulnerability in Superstorefinder Super Store Finder 3.6 A hard coded password in Super Store Finder v3.6 allows attackers to access the administration panel. | 9.8 |
2023-07-19 | CVE-2023-3751 | SQL Injection vulnerability in Superstorefinder Super Store Finder 3.6 A vulnerability was found in Super Store Finder 3.6. | 9.8 |