Joomlaserviceprovider Jsp Store Locator — known CVE vulnerabilities
Every CVE whose affected-product data names Joomlaserviceprovider Jsp Store Locator, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2024-11267 — CVSS 8.8 (high): The JSP Store Locator WordPress plugin through 1.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing…
CVE-2024-12301 — CVSS 6.5 (medium): The JSP Store Locator WordPress plugin through 1.0 does not have CSRF checks in some places, which could allow attackers to make logged in…