Sploit.io - Search

Product: G Web Pro Store Locator, version: >= n/a, <= 2.0.1

CVE-2025-23519

Severity: HIGH

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound G Web Pro Store Locator allows Reflected XSS. This issue affects G Web Pro Store Locator: from n/a through 2.0.1.

CVSS Score: 7.1

Affected Products:

NotFound G Web Pro Store Locator - Versions: n/a

References:

https://patchstack.com/database/wordpress/plugin/gwebpro-store-locator/vulnerability/wordpress-g-web-pro-store-locator-plugin-2-0-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve