CVE-2025-23422 – WordPress Store Locator Path Traversal

January 24, 2025
12:16 pm

CVE ID : CVE-2025-23422

Published : Jan. 24, 2025, 11:15 a.m. | 1 hour, 1 minute ago

Description : Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in NotFound Store Locator allows PHP Local File Inclusion. This issue affects Store Locator: from n/a through 3.98.10.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-23422 – WordPress Store Locator Path Traversal

Elvescore.io

Recent Posts

CVE-2022-49043 – Libxml2 XML XInclude Use-After-Free Vulnerability

CVE-2024-10574 – “Quiz Maker Business, Developer, and Agency WordPress Unauthorized Modification and Cross-Site Scripting Vulnerability”

CVE-2024-10628 – Woocommerce Quiz Maker SQL Injection Vulnerability

CVE-2024-10633 – Quiz Maker Business, Developer, and Agency WordPress Plugin Shortcode Injection Vulnerability

CVE-2024-10636 – Quiz Maker Business/Developer/Agency WordPress Reflected Cross-Site Scripting

CVE-2025-24858 – Develocity Gradle Enterprise Password Hash Exposure

CVE-2025-23422 – WordPress Store Locator Path Traversal

CVE-2025-23422 – WordPress Store Locator Path Traversal