Description
WordPress Plugin Store Locator for WordPress with Google Maps-LotsOfLocales is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin Store Locator for WordPress with Google Maps-LotsOfLocales version 3.98.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.98.8 or latest
References
Related Vulnerabilities
Coppermine Improper Authentication Vulnerability (CVE-2005-3979)
Oracle JRE CVE-2013-1476 Vulnerability (CVE-2013-1476)
WordPress Plugin Compact WP Audio Player Cross-Site Scripting (1.9.7)
MediaWiki CVE-2023-45367 Vulnerability (CVE-2023-45367)
WordPress Plugin Spiffy Calendar Cross-Site Scripting (3.2.0)