← Back

Agilelogix

agilelogix

6 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Store Locator
store_locator
4 CVEs
Post Timeline
post_timeline
2 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-13571
1Agilelogix
1Post Timeline
Jun 17, 2026
Feb 26, 2025
N/A· v4
7.1 HIGH· v3
N/A· v2
The Post Timeline WordPress plugin before 2.3.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege user...Show more
The Post Timeline WordPress plugin before 2.3.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.Show less
CVE-2023-4284
1Agilelogix
1Post Timeline
Jun 17, 2026
Sep 4, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
The Post Timeline WordPress plugin before 2.2.6 does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high pr...Show more
The Post Timeline WordPress plugin before 2.2.6 does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as adminShow less
CVE-2023-4151
1Agilelogix
1Store Locator
Jun 17, 2026
Sep 4, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
The Store Locator WordPress plugin before 1.4.13 does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high p...Show more
The Store Locator WordPress plugin before 1.4.13 does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as adminShow less
CVE-2023-27618
1Agilelogix
1Store Locator
Jun 17, 2026
Jun 22, 2023
N/A· v4
4.8 MEDIUM· v3
N/A· v2
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in AGILELOGIX Store Locator WordPress plugin <= 1.4.9 versions.
CVE-2022-4832
1Agilelogix
1Store Locator
Jun 17, 2026
Jan 23, 2023
N/A· v4
5.4 MEDIUM· v3
N/A· v2
The Store Locator WordPress plugin before 1.4.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform...Show more
The Store Locator WordPress plugin before 1.4.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.Show less
CVE-2022-41615
1Agilelogix
1Store Locator
Jun 17, 2026
Nov 18, 2022
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability in Store Locator plugin <= 1.4.5 on WordPress.