A vulnerability, which was classified as problematic, was found in store-locator-pro Store Locator Widget Plugin up to 20200131 on WordPress. Affected is the function storelocatorwidget of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2024-13657. It is possible to launch the attack remotely. There is no exploit available.