Highwarden Super Store Finder vulnerabilities
8 known vulnerabilities affecting highwarden/super_store_finder.
Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
3
Severity breakdown
CRITICAL4HIGH2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2024-43978P2CRITICALCVSS 9.8Exploited≤ 6.9.82024-09-17
CVE-2024-43978 [CRITICAL] CWE-89 CVE-2024-43978: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in highwarden Super Store Finder superstorefinder-wp.This issue affects Super Store Finder: from n/a through < 6.9.8.
nvd
CVE-2024-43976P2CRITICALCVSS 9.8Exploited≤ 6.9.72024-09-17
CVE-2024-43976 [CRITICAL] CWE-89 CVE-2024-43976: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in highwarden Super Store Finder superstorefinder-wp.This issue affects Super Store Finder: from n/a through <= 6.9.7.
nvd
CVE-2024-43975P2MEDIUMCVSS 6.1Exploited≤ 6.9.72024-09-18
CVE-2024-43975 [MEDIUM] CWE-79 CVE-2024-43975: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in highwarden Super Store Finder superstorefinder-wp.This issue affects Super Store Finder: from n/a through <= 6.9.7.
nvd
CVE-2025-52720P2CRITICALCVSS 9.3≤ 7.52025-08-14
CVE-2025-52720 [CRITICAL] CWE-89 CVE-2025-52720: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in highwarden Super Store Finder superstorefinder-wp allows SQL Injection.This issue affects Super Store Finder: from n/a through <= 7.5.
nvd
CVE-2025-39445P2CRITICALCVSS 9.3≤ 7.22025-05-19
CVE-2025-39445 [CRITICAL] CWE-89 CVE-2025-39445: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in highwarden Super Store Finder superstorefinder-wp allows SQL Injection.This issue affects Super Store Finder: from n/a through <= 7.2.
nvd
CVE-2025-47571P3HIGHCVSS 7.5≤ 7.82025-09-09
CVE-2025-47571 [HIGH] CWE-98 CVE-2025-47571: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in highwarden Super Store Finder superstorefinder-wp allows PHP Local File Inclusion.This issue affects Super Store Finder: from n/a through < 7.8.
nvd
CVE-2025-49413P4HIGHCVSS 7.1≤ 7.62025-08-20
CVE-2025-49413 [HIGH] CWE-79 CVE-2025-49413: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in highwarden Super Store Finder superstorefinder-wp allows Reflected XSS.This issue affects Super Store Finder: from n/a through <= 7.6.
nvd
CVE-2025-58939P4MEDIUMCVSS 4.3≤ 7.52025-10-29
CVE-2025-58939 [MEDIUM] CWE-352 CVE-2025-58939: Cross-Site Request Forgery (CSRF) vulnerability in highwarden Super Store Finder superstorefinder-wp
Cross-Site Request Forgery (CSRF) vulnerability in highwarden Super Store Finder superstorefinder-wp allows Cross Site Request Forgery.This issue affects Super Store Finder: from n/a through <= 7.5.
nvd