Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:57 a.m.10 views

CVE-2023-4239

The Real Estate Manager plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 7.2 due to insufficient restriction on the 'remsaveprofilefront' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to...

8.8CVSS6.9AI score0.00622EPSS
Exploits1References1
NVD
NVD
added 2023/08/09 3:15 a.m.16 views

CVE-2023-4239

The Real Estate Manager plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 7.2 due to insufficient restriction on the 'remsaveprofilefront' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to...

8.8CVSS8.7AI score0.00622EPSS
Exploits1References2
CVE
CVE
added 2023/08/09 2:4 a.m.60 views

CVE-2023-4239

CVE-2023-4239 concerns the WordPress plugin “Real Estate Manager.” The vulnerability, present in versions up to and including 6.7.1, arises from insufficient restriction on the rem_save_profile_front function, allowing an authenticated user with minimal privileges (e.g., a subscriber) to modify t...

8.8CVSS6.9AI score0.00622EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/08/09 2:4 a.m.23 views

CVE-2023-4239 Real Estate Manager <= 7.2 - Arbitrary Usermeta Update to Authenticated (Subscriber+) Privilege Escalation

The Real Estate Manager plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 7.2 due to insufficient restriction on the 'remsaveprofilefront' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to...

8.8CVSS8.8AI score0.00622EPSS
Exploits1References2
Patchstack
Patchstack
added 2023/08/09 12:0 a.m.11 views

WordPress Real Estate Manager Plugin <= 7.2 is vulnerable to Broken Access Control

Software Real Estate Manager Type Plugin Vulnerable versions = 7.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-4239 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 9d7a1725ab48 Credits Lana Codes Required privileg...

8.8CVSS6.4AI score0.00622EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder