Description
The Store Locator Plus plugin for WordPress is prone to multiple vulnerabilities, including an information disclosure vulnerability and a SQL injection vulnerability. Exploiting these issues could allow an attacker to obtain sensitive information, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Store Locator Plus versions 2.7.1 to 3.0.1 are vulnerable; prior versions may also be affected.
Remediation
Restrict access to the wp-content/plugins/store-locator-le/core/load_wp_config.php file (e.g. via .htaccess) and edit the source code to ensure that input is properly sanitised.
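One way to apply the .htaccess restriction, as an added example that is not part of the original advisory. It assumes an Apache server with .htaccess overrides enabled, and that the file is saved as wp-content/plugins/store-locator-le/core/.htaccess.

```apache
# Assumed location: wp-content/plugins/store-locator-le/core/.htaccess
# Denies every direct HTTP request for load_wp_config.php.
# AllowOverride must permit AuthConfig (Apache 2.4) or Limit (Apache 2.2)
# for these directives to take effect.

<Files "load_wp_config.php">
    # Apache 2.4 and later
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>

    # Apache 2.2
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</Files>
```

After deploying, confirm that a request for the file returns 403, and check again after any plugin update, since an update may replace the contents of the plugin directory.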