Impact
The vulnerability in the Store Locator WordPress plugin before version 1.6.9 occurs because it accepts an unvalidated request parameter and uses it directly in a file path. This flaw is a classic example of CWE-22 Path Traversal, leading to CWE-200 information exposure. An administrator or other high‑privileged user can supply a carefully crafted value that causes the plugin to read any PHP file on the server, including sensitive configuration files that contain database credentials and authentication keys. The resulting exposure compromises the confidentiality of critical information and can enable further attacks against the application or the underlying infrastructure.
Affected Systems
The affected product is the Store Locator WordPress plugin. All installations of the plugin with a version earlier than 1.6.9 are susceptible, regardless of the broader WordPress environment. No other vendors are listed in the CNA data.
Risk and Exploitability
The CVSS score is 3.4, indicating low severity, but the EPSS is <1% and the vulnerability is not listed in the CISA KEV catalog. The attack vector requires privileged access to the WordPress administrator interface, which limits exploitation to users who already possess administrative rights. However, the ability to read configuration files is a high‑impact outcome, giving attackers credentials that could lead to full system compromise. Because the vulnerability is straightforward to trigger with an administrator account, the risk can be classified as moderate to high when such permissions exist.
OpenCVE Enrichment