Superstorefinder Super_store_finder
10 CVEs affecting Superstorefinder Super_store_finder. Latest disclosed: 2025-02-09. Critical: 4, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-41507 | Critical | 9.8 | 2023-09-05 | Super Store Finder v3.6 was discovered to contain multiple SQL injection vulnerabilities in the store locator component via the products, distance, lat, and ln… |
CVE-2023-41508 | Critical | 9.8 | 2023-09-05 | A hard coded password in Super Store Finder v3.6 allows attackers to access the administration panel. |
CVE-2024-43978 | Critical | 9.3 | 2024-09-17 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in highwarden Super Store Finder superstorefinder-wp.This is… |
CVE-2024-43976 | Critical | 9.3 | 2024-09-17 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in highwarden Super Store Finder superstorefinder-wp.This is… |
CVE-2023-43835 | High | 8.8 | 2023-10-02 | Super Store Finder 3.7 and below is vulnerable to authenticated Arbitrary PHP Code Injection that could lead to Remote Code Execution when settings overwrite c… |
CVE-2024-13440 | High | 8.2 | 2025-02-09 | The Super Store Finder plugin for WordPress is vulnerable to SQL Injection via the ‘ssf_wp_user_name’ parameter in all versions up to, and including, 7.0 due t… |
CVE-2023-44044 | High | 7.2 | 2023-09-27 | Super Store Finder v3.6 and below was discovered to contain a SQL injection vulnerability via the Search parameter at /admin/stores.php. |
CVE-2024-43975 | High | 7.1 | 2024-09-18 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in highwarden Super Store Finder superstorefinder-wp.This is… |
CVE-2023-3751 | Medium | 6.3 | 2023-07-19 | A vulnerability was found in Super Store Finder 3.6. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /… |
CVE-2023-5054 | Medium | 5.8 | 2023-09-19 | The Super Store Finder plugin for WordPress is vulnerable to unauthenticated arbitrary email creation and relay in versions up to, and including, 6.9.3. This i… |