Vulnerabilities > Superstorefinder > Super Store Finder > 6.9.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-09 | CVE-2024-13440 | Unspecified vulnerability in Superstorefinder Super Store Finder The Super Store Finder plugin for WordPress is vulnerable to SQL Injection via the ‘ssf_wp_user_name’ parameter in all versions up to, and including, 7.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 8.2 |
| 2024-09-18 | CVE-2024-43975 | Cross-site Scripting vulnerability in Superstorefinder Super Store Finder Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in highwarden Super Store Finder allows Cross-Site Scripting (XSS).This issue affects Super Store Finder: from n/a through 6.9.7. | 6.1 |
| 2024-09-17 | CVE-2024-43976 | SQL Injection vulnerability in Superstorefinder Super Store Finder Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in highwarden Super Store Finder allows SQL Injection.This issue affects Super Store Finder: from n/a through 6.9.7. | 9.8 |
| 2024-09-17 | CVE-2024-43978 | SQL Injection vulnerability in Superstorefinder Super Store Finder Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in highwarden Super Store Finder allows SQL Injection.This issue affects Super Store Finder: from n/a before 6.9.8. | 9.8 |