16 matches found
CVE-2026-57343 WordPress Real Estate 7 theme <= 3.5.9 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Real Estate 7 = 3.5.9 versions...
CVE-2026-57343
CVE-2026-57343 describes an unauthenticated Cross Site Scripting (XSS) vulnerability in the WordPress Real Estate 7 theme, affected
WordPress Real Estate 7 theme <= 3.5.9 - SQL Injection vulnerability
SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Real Estate 7 versions = 3.5.9...
VulnCheck KEV: CVE-2024-13421
The Real Estate 7 WordPress theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.5.1. This is due to the plugin not properly restricting the roles allowed to be selected during registration. This makes it possible for unauthenticated attackers to...
Exploit for CVE-2025-39459
📄 Nuclei Template for CVE-2025-39459 🚀 Overview This repo...
EUVD-2023-33001
Malicious code in bioql PyPI...
CVE-2025-7718 Resideo Plugin for Resideo - Real Estate WordPress Theme <= 2.5.4 - Authenticated (Subscriber+) Insecure Direct Object Reference to Privilege Escalation via Account Takeover
The Resideo Plugin for Resideo - Real Estate WordPress Theme plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.5.4. This is due to the plugin not properly validating a user's identity prior to updating their details like email...
WordPress plugin RH - Real Estate WordPress Theme Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
WordPress WP Pro Real Estate 7 plugin <= 3.5.4 - Authenticated (Seller) Arbitrary File Upload vulnerability
Authenticated Seller Arbitrary File Upload vulnerability discovered by Foxyyy in WordPress Theme Real Estate 7 versions = 3.5.4...
CVE-2024-13421
CVE-2024-13421 affects the Real Estate 7 WordPress theme for WordPress, up to version 3.5.1. Root cause: the registration flow does not properly restrict which user roles can be assigned, enabling unauthenticated attackers to register a new administrative user account. Impact is privilege escalat...
CVE-2023-29432
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Favethemes Houzez - Real Estate WordPress Theme.This issue affects Houzez - Real Estate WordPress Theme: from n/a before 2.8.3...
VulnCheck KEV: CVE-2023-36529
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Favethemes Houzez - Real Estate WordPress Theme allows SQL Injection.This issue affects Houzez - Real Estate WordPress Theme: from n/a through 1.3.4...
WordPress Nexos theme cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.Nexos theme is a real estate website theme plugin used in it. A cross-site scripting vulnerability exists in WordPress Nexos...
WordPress Theme Real Estate 2.8.9 - Cross-Site Scripting
Exploit Title: Real Estate 7 - Real Estate WordPress Theme v2.8.9 Persistent XSS Injection Google Dork: inurl:"/wp-content/themes/realestate-7/" Date: 2019/07/20 Author: m0ze Vendor Homepage: https://contempothemes.com Software Link:...
allure-real-estate-theme-for-placester <= 0.1.1 - XSS in ZeroClipboard.swf
The Allure Real Estate Theme for Placester WordPress theme was affected by a XSS in ZeroClipboard.swf security vulnerability...
WordPress Allure Real Estate Theme <= 0.1.1 - XSS
This WordPress theme is prone to a cross-site scripting XSS vulnerability in "in ZeroClipboard.swf". It allows remote attackers to inject arbitrary script or HTML. Solution Update the theme...