WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. Cross-site request forgery vulnerability exists in WordPress Store Locator for WordPress with Google Maps - LotsOfLocales plugin version 3.98.7 and earlier versions. The vulnerability stems from a web application that does not adequately validate that a request is coming from a trusted user. An attacker can use this vulnerability to spoof malicious requests to trick victims into clicking on them to perform sensitive actions.