CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

Search Vulnerabilities

Software

Searching vulnerabilities affecting “joomlaserviceprovider”

4 vulnerabilities found for “joomlaserviceprovider”

CVE-2024-11267

HIGH8.8

The JSP Store Locator WordPress plugin through 1.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing user with Contributor to perform SQL injection attacks.

joomlaserviceprovider / jsp_store_locator

Network

Published May 15, 2025

CVE-2024-12301

MEDIUM6.5

The JSP Store Locator WordPress plugin through 1.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks.

joomlaserviceprovider / jsp_store_locator

Network

Published May 15, 2025

CVE-2023-39987

MEDIUM5.9

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ajay Lulia wSecure Lite plugin <= 2.5 versions.

joomlaserviceprovider / wsecure

Network

Published Sep 4, 2023

CVE-2016-10960

HIGH8.8

The wsecure plugin before 2.4 for WordPress has remote code execution via shell metacharacters in the wsecure-config.php publish parameter.

joomlaserviceprovider / wsecure

Network

Published Sep 16, 2019