Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High1

Medium1

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2024-11-21

CVE-2021-24289 - Store Locator Plus Plugin

There is functionality in the Store Locator Plus for WordPress plugin through 5.5.14 that made it possible for authenticated users to update their user meta data to become an administrator on any site using the plugin.

PLUGIN Store Locator Plus

CVE-2021-24289

HIGH CVSS 8.8 2021-05-17

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2021-24290 - Store Locator Plus Plugin

There are several endpoints in the Store Locator Plus for WordPress plugin through 5.5.15 that could allow unauthenticated attackers the ability to inject malicious JavaScript into pages.

PLUGIN Store Locator Plus

CVE-2021-24290

MEDIUM CVSS 6.1 2021-05-17

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2021-24289 - Store Locator Plus Plugin

CVE-2021-24290 - Store Locator Plus Plugin

Company Links

Contact Us