Lucene search
K

28 matches found

CVE
CVE
added 6 days ago11 views

CVE-2026-57343

CVE-2026-57343 describes an unauthenticated Cross Site Scripting (XSS) vulnerability in the WordPress Real Estate 7 theme, affected

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:53 p.m.13 views

CVE-2026-57641

CVE-2026-57641 pertains to an unauthenticated Cross Site Request Forgery (CSRF) vulnerability in the WordPress Real Estate 7 theme, affecting versions ≤ 3.5.9. Public records confirm the affected software and the vulnerability class, but the provided documents do not specify the exact attack vect...

6.5CVSS5.8AI score0.00127EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.13 views

CVE-2026-54827

CVE-2026-54827 : Unauthenticated SQL Injection affecting WordPress Real Estate 7 theme versions ≤ 3.5.9. The vulnerability arises in the Real Estate 7 component and is exploitable without authentication, with a CVSS v3.1 base score of 9.3 (CRITICAL), indicating potential data exposure and confide...

9.3CVSS5.8AI score0.00283EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.30 views

CVE-2026-54827 WordPress Real Estate 7 theme <= 3.5.9 - SQL Injection vulnerability

Unauthenticated SQL Injection in Real Estate 7 = 3.5.9 versions...

9.3CVSS0.00283EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/26 12:30 p.m.7 views

WordPress Real Estate 7 theme <= 3.5.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Real Estate 7 versions = 3.5.9...

6.5CVSS5.8AI score0.00127EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/06/17 1:55 p.m.5 views

WordPress Real Estate 7 theme <= 3.5.9 - SQL Injection vulnerability

SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Real Estate 7 versions = 3.5.9...

9.3CVSS6AI score0.00283EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/04/21 7:15 p.m.6 views

WordPress Real Estate Pro plugin <= 1.0.9 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Real Estate Pro versions = 1.0.9...

5.5CVSS5.8AI score0.00241EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2026/03/04 12:0 a.m.148 views

📄 WordPress Real Estate 7 3.5.2 Privilege Escalation

This Metasploit auxiliary scanner module targets a privilege escalation vulnerability in WordPress Real Estate 7 plugin version 3.5.2. The flaw allows unauthenticated attackers to register a new user account with administrator privileges by abusing the ctaddnewmember AJAX action...

5.9AI score
Exploits0
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.5 views

WordPress Essential WP Real Estate plugin <= 1.1.3 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Essential WP Real Estate versions = 1.1.3...

6.8CVSS5.4AI score0.00574EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/09/10 12:25 p.m.9 views

CVE-2025-7718 Resideo Plugin for Resideo - Real Estate WordPress Theme <= 2.5.4 - Authenticated (Subscriber+) Insecure Direct Object Reference to Privilege Escalation via Account Takeover

The Resideo Plugin for Resideo - Real Estate WordPress Theme plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.5.4. This is due to the plugin not properly validating a user's identity prior to updating their details like email...

8.8CVSS0.003EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/20 8:2 a.m.11 views

CVE-2025-54032 WordPress Real Estate Manager Pro Plugin <= 12.7.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebCodingPlace Real Estate Manager Pro real-estate-manager-pro allows Reflected XSS.This issue affects Real Estate Manager Pro: from n/a through = 12.7.3...

7.1CVSS0.00234EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/20 3:3 p.m.3 views

CVE-2025-50044 WordPress Real Estate Manager plugin <= 7.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Rameez Iqbal Real Estate Manager allows Cross Site Request Forgery. This issue affects Real Estate Manager: from n/a through 7.3...

6.5CVSS7.2AI score0.00157EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/19 6:46 p.m.29 views

CVE-2025-39459 WordPress Real Estate 7 theme <= 3.5.2 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in contempoinc Real Estate 7 realestate-7 allows Privilege Escalation.This issue affects Real Estate 7: from n/a through = 3.5.2...

7.3CVSS0.00338EPSS
Exploits3References1
Vulnrichment
Vulnrichment
added 2025/04/10 8:9 a.m.6 views

CVE-2025-32668 WordPress Real Estate Manager plugin <= 7.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Rameez Iqbal Real Estate Manager real-estate-manager allows PHP Local File Inclusion.This issue affects Real Estate Manager: from n/a through = 7.3...

8.1CVSS8.7AI score0.00593EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/09 4:9 p.m.9 views

WordPress Real Estate Manager plugin <= 7.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by LVT-tholv2k in WordPress Plugin Real Estate Manager versions = 7.3...

8.1CVSS8.4AI score0.00593EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/04 3:58 p.m.8 views

CVE-2025-32150 WordPress Real Estate Manager plugin <= 7.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Rameez Iqbal Real Estate Manager allows PHP Local File Inclusion. This issue affects Real Estate Manager: from n/a through 7.3...

7.5CVSS7.4AI score0.0103EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/04 3:58 p.m.14 views

CVE-2025-32150 WordPress Real Estate Manager plugin <= 7.3 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Rameez Iqbal Real Estate Manager real-estate-manager allows PHP Local File Inclusion.This issue affects Real Estate Manager: from n/a through = 7.3...

7.5CVSS0.0103EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/31 12:0 a.m.6 views

WordPress Real Estate 7 Theme <= 3.5.4 is vulnerable to Arbitrary File Upload

Software Real Estate 7 Type Theme Vulnerable versions = 3.5.4 Fixed in 3.5.5 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2025-2891 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID 22e03f3e7c10 Credits Foxyyy Required privilege Seller...

8.8CVSS6.8AI score0.0066EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/02/18 7:54 p.m.9 views

CVE-2025-22645 WordPress Real Estate Manager plugin <= 7.3 - Captcha Bypass Vulnerability vulnerability

Improper Restriction of Excessive Authentication Attempts vulnerability in Rameez Iqbal Real Estate Manager real-estate-manager allows Password Brute Forcing.This issue affects Real Estate Manager: from n/a through = 7.3...

5.3CVSS8.6AI score0.00311EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/02/11 10:21 p.m.4 views

WordPress Real Estate 7 theme <= 3.5.0 - Unauthenticated Privilege Escalation to Administrator vulnerability

Unauthenticated Privilege Escalation to Administrator vulnerability discovered by Lucio Sá in WordPress Theme Real Estate 7 versions = 3.5.0...

9.8CVSS7AI score0.00716EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder