49 matches found
CVE-2026-22470
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FireStorm Plugins FireStorm Professional Real Estate fs-real-estate-plugin allows Blind SQL Injection.This issue affects FireStorm Professional Real Estate: from n/a through = 2.7.11...
CVE-2026-22470
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FireStorm Plugins FireStorm Professional Real Estate fs-real-estate-plugin allows Blind SQL Injection.This issue affects FireStorm Professional Real Estate: from n/a through = 2.7.11...
CVE-2026-22470
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FireStorm Plugins FireStorm Professional Real Estate fs-real-estate-plugin allows Blind SQL Injection.This issue affects FireStorm Professional Real Estate: from n/a through = 2.7.11...
PT-2026-4240
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FireStorm Plugins FireStorm Professional Real Estate fs-real-estate-plugin allows Blind SQL Injection.This issue affects FireStorm Professional Real Estate: from n/a through = 2.7.11...
WordPress plugin FireStorm Professional has a SQL injection vulnerability.
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress Essential WP Real Estate plugin <= 1.1.3 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Essential WP Real Estate versions = 1.1.3...
EUVD-2025-21646
Malicious code in bioql PyPI...
EUVD-2023-58307
Malicious code in bioql PyPI...
EUVD-2023-58306
Malicious code in bioql PyPI...
EUVD-2023-58305
Malicious code in bioql PyPI...
WordPress WP-Property plugin file upload vulnerability
WordPress WP-Property plugin is a real estate industry-specific plugin for the WordPress platform, which is mainly used to help users manage property listings, display listing information and attract potential customers. A file upload vulnerability exists in the WordPress WP-Property plugin, whic...
WordPress plugin WP-Property 安全漏洞
WordPress WP-Property plugin is a real estate industry-specific plugin for the WordPress platform, which is mainly used to help users manage property listings, display listing information and attract potential customers. A file upload vulnerability exists in the WordPress WP-Property plugin, whic...
CVE-2025-48150
Missing Authorization vulnerability in sminozzi Real Estate Property 2024 Create Your Own Fields and Search Bar WP Plugin real-estate-right-now allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Real Estate Property 2024 Create Your Own Fields and Search Ba...
CVE-2025-48150
CVE-2025-48150 is a Missing Authorization / Broken Access Control vulnerability affecting the WordPress plugin “Real Estate Property 2024 Create Your Own Fields and Search Bar” (versions through 4.48). Multiple connected sources confirm that improper access control configuration can be exploited ...
CVE-2024-12329
The Essential Real Estate plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on several pages/post types in all versions up to, and including, 5.1.6. This makes it possible for authenticated attackers, with Contributor-level access and above, to...
CVE-2024-4273
The Essential Real Estate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'erepropertymap' shortcode in all versions up to, and including, 4.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2023-6048
The Estatik Real Estate Plugin WordPress plugin before 4.1.1 does not prevent user with low privileges on the site, like subscribers, from setting any of the site's options to 1, which could be used to break sites and lead to DoS when certain options are reset...
CVE-2023-6049
The Estatik Real Estate Plugin WordPress plugin before 4.1.1 unserializes user input via some of its cookies, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget chain is present on the blog...
CVE-2023-6140
The Essential Real Estate WordPress plugin before 4.4.0 does not prevent users with limited privileges on the site, like subscribers, from momentarily uploading malicious PHP files disguised as ZIP archives, which may lead to remote code execution...
CVE-2022-3933
The Essential Real Estate WordPress plugin before 3.9.6 does not sanitize and escapes some parameters, which could allow users with a role as low as Admin to perform Cross-Site Scripting attacks...