📦 String Locator

by Instawp

🔍 What is String Locator?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2024-10936

HIGH CVSS 8.8 Jan 21, 2025

The String Locator WordPress plugin is vulnerable to PHP object injection through deserialization of untrusted input, allowing unauthenticated attackers to inject malicious PHP objects. While no known...

CVE-2023-6987

MEDIUM CVSS 6.1 Aug 24, 2024

This vulnerability allows unauthenticated attackers to perform reflected cross-site scripting (XSS) attacks via the 'sql-column' parameter in the String Locator WordPress plugin. Attackers can inject ...