Description
WordPress Plugin Store Locator for WordPress with Google Maps-LotsOfLocales is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin Store Locator for WordPress with Google Maps-LotsOfLocales version 3.98.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.98.8 or latest
References
Related Vulnerabilities
Sqlite Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2019-19646)
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Cross-Site Request Forgery (4.4.2)
WordPress Plugin yolink Search for WordPress Cross-Site Scripting (2.5)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-27912)
Moodle 7PK - Security Features Vulnerability (CVE-2015-5331)