Smartdatasoft ≫ Essential Wp Real Estate

3 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.

6.1

CVE-2025-23857

EPSS 0.09%
Veröffentlicht 14.02.2025 13:15:47
Zuletzt bearbeitet 25.02.2025 19:41:41

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Essential WP Real Estate allows Reflected XSS. This issue affects Essential WP Real Estate: from n/a through 1.1.3.

6.8

CVE-2024-13347

Exploit

EPSS 0.09%
Veröffentlicht 03.02.2025 06:15:10
Zuletzt bearbeitet 18.04.2025 02:00:00

The Essential WP Real Estate WordPress plugin through 1.1.3 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting.

5.3

CVE-2024-13318

EPSS 0.32%
Veröffentlicht 10.01.2025 12:15:24
Zuletzt bearbeitet 25.02.2025 16:49:28

The Essential WP Real Estate plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cl_delete_listing_func() function in all versions up to, and including, 1.1.3. This makes it possible for unauthenticated ...

Team-orientierte Vulnerability Management Plattform

Features der Plattform

Smartdatasoft ≫ Essential Wp Real Estate

CVE-2025-23857

CVE-2024-13347

CVE-2024-13318