cleantalk
Vulnerabilities and Security Researches

JSP Store Locator, CVE-2024-11267

CVE, Research URL

CVE-2024-11267

Home page URL

Security reports for JSP Store Locator

Application

JSP Store Locator

Published on
May 16, 2025
Research Description
The JSP Store Locator WordPress plugin through 1.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing user with Contributor to perform SQL injection attacks.
Affected versions
max 1.0.
Status
vulnerable
Previous vulnerability researches
JSP Store Locator (CVE-2024-11267) , Jan 11, 2025
JSP Store Locator (CVE-2024-12301) , Jan 11, 2025
Gwebpro Store Locator (CVE-2024-11682) , Dec 22, 2024
Gwebpro Store Locator (CVE-2025-23519) , Mar 05, 2025
Custom WP Store Locator (CVE-2025-24676) , Feb 05, 2025
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar – Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026