EUVD-2024-51590

Malicious code in bioql PyPI...

CVE-2025-39459

Incorrect Privilege Assignment vulnerability in contempoinc Real Estate 7 realestate-7 allows Privilege Escalation.This issue affects Real Estate 7: from n/a through = 3.5.2...

CVE-2025-39459

Incorrect Privilege Assignment vulnerability in contempoinc Real Estate 7 realestate-7 allows Privilege Escalation.This issue affects Real Estate 7: from n/a through = 3.5.2...

CVE-2025-39459 WordPress Real Estate 7 theme <= 3.5.2 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in contempoinc Real Estate 7 realestate-7 allows Privilege Escalation.This issue affects Real Estate 7: from n/a through = 3.5.2...

CVE-2025-39459 WordPress Real Estate 7 theme <= 3.5.2 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Contempo Themes Real Estate 7 allows Privilege Escalation.This issue affects Real Estate 7: from n/a through 3.5.2...

CVE-2025-39459

CVE-2025-39459 concerns WordPress Real Estate 7 theme (versions

WordPress Real Estate 7 theme <= 3.5.2 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Real Estate 7 versions = 3.5.2...

WordPress Real Estate 7 Theme <= 3.5.2 is vulnerable to Privilege Escalation

Software Real Estate 7 Type Theme Vulnerable versions = 3.5.2 Fixed in 3.5.3 OWASP Top 10 A1: Broken Access Control Classification Privilege Escalation CVE CVE-2025-39459 Patch priority High CVSS severity High 7.3 Developer Claim ownership PSID b355428eb863 Credits Ananda Dhakal Patchstack Requir...

PT-2025-14088 · WordPress · The Real Estate 7

Name of the Vulnerable Software and Affected Versions: Real Estate 7 WordPress theme versions up to, and including, 3.5.4 Description: The Real Estate 7 WordPress theme is vulnerable to arbitrary file uploads due to missing file type validation via the 'template-submit-listing.php' file. This mak...

CVE-2024-13421

The Real Estate 7 WordPress theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.5.1. This is due to the plugin not properly restricting the roles allowed to be selected during registration. This makes it possible for unauthenticated attackers to...

CVE-2024-13421 Real Estate 7 WordPress <= 3.5.1 - Unauthenticated Privilege Escalation to Administrator

The Real Estate 7 WordPress theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.5.1. This is due to the plugin not properly restricting the roles allowed to be selected during registration. This makes it possible for unauthenticated attackers to...

CVE-2024-13421 Real Estate 7 WordPress <= 3.5.1 - Unauthenticated Privilege Escalation to Administrator

The Real Estate 7 WordPress theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.5.1. This is due to the plugin not properly restricting the roles allowed to be selected during registration. This makes it possible for unauthenticated attackers to...

CVE-2022-47146

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Contempoinc Real Estate 7 WordPress theme = 3.3.1 versions...

CVE-2022-47146

CVE-2022-47146 affects the Contempoinc Real Estate 7 WordPress theme (versions

CVE-2022-47146 WordPress Real Estate 7 Theme <= 3.3.1 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Contempoinc Real Estate 7 WordPress theme = 3.3.1 versions...

WordPress Real Estate 7 Theme <= 3.3.4 is vulnerable to Broken Access Control

Software Real Estate 7 Type Theme Vulnerable versions = 3.3.4 Fixed in 3.3.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE N/A Patch priority High CVSS severity High 5.8 Developer Claim ownership PSID a71c4c5edd92 Credits RE-ALTER Required privilege Unauthenticat...

WordPress Real Estate 7 Theme <= 3.3.4 is vulnerable to Cross Site Scripting (XSS)

Software Real Estate 7 Type Theme Vulnerable versions = 3.3.4 Fixed in 3.3.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID af68aef80259 Credits RE-ALTER Required privilege...

WordPress Real Estate 7 Theme <= 3.3.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Real Estate 7 Type Theme Vulnerable versions = 3.3.4 Fixed in 3.3.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 17be44a53b30 Credits RE-ALTER Required privilege...

WordPress Real Estate 7 Theme 3.3.4 Cross Site Scripting

==== Z://USB-00RESEARCH/WORDPRESS/ ============================================= 2023 == Report Title: WordPress Real Estate 7 Theme = 3.3.4 - Unauthenticated Reflected Cross-Site Scripting XSS Google Dork: inurl:/wp-content/themes/realestate-7/ Research Date: 2023-02-10 Researcher: FearZzZz...

WordPress Real Estate 7 Theme 3.3.4 Cross Site Scripting Vulnerability

==== Z://USB-00RESEARCH/WORDPRESS/ ============================================= 2023 == Report Title: WordPress Real Estate 7 Theme = 3.3.4 - Unauthenticated Reflected Cross-Site Scripting XSS Google Dork: inurl:/wp-content/themes/realestate-7/ Research Date: 2023-02-10 Researcher: FearZzZz...