cleantalk
Vulnerabilities and Security Researches

JSP Store Locator, CVE-2024-11267

CVE, Research URL

CVE-2024-11267

Home page URL

Security reports for JSP Store Locator

Application

JSP Store Locator

Published on
May 16, 2025
Research Description
The JSP Store Locator WordPress plugin through 1.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing user with Contributor to perform SQL injection attacks.
Affected versions
max 1.0.
Status
vulnerable
Previous vulnerability researches
JSP Store Locator (CVE-2024-11267) , Jan 11, 2025
JSP Store Locator (CVE-2024-12301) , Jan 11, 2025
New vulnerability
WooCommerce Stripe Payment Gateway (CVE-2026-2381) , Jun 16, 2026
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026