WordPress Plugin Vulnerabilities

store-locator-le - SQL Injection

Description

The Store Locator Plus® for WordPress WordPress plugin was affected by a SQL Injection security vulnerability.

Affects Plugins

Plugin icon
store-locator-le
Fixed in 3.8.7

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Verified
No
WPVDB ID
bd7d28f3-85ca-43a1-93c1-3f8e322457e2

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2015-05-15 (about 10 years ago)

Other

Published
Title
Published
2026-03-23
Title
Product Filter for WooCommerce by WBW < 3.1.3 - Unauthenticated SQLi
Published
2024-07-22
Title
Best Restaurant Menu by PriceListo < 1.4.2 - Authenticated (Contributor+) SQL Injection
Published
2026-02-18
Title
Shield Security < 21.0.10 - Cross-Site Request Forgery to SQL Injection
Published
2022-12-09
Title
WP RSS By Publishers <= 0.1 - Admin+ SQLi
Published
2014-08-01
Title
Relevanssi 3.2 - Unspecified SQL Injection