2 matches found
CVE-2024-3666 Opal Estate Pro – Property Management and Submission <= 1.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Opal Estate Pro – Property Management and Submission plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the agent latitude and longitude parameters in all versions up to, and including, 1.7.6 due to insufficient input sanitization and output escaping. This makes it possible...
WordPress Opal Estate Pro Plugin <= 1.7.6 is vulnerable to Cross Site Scripting (XSS)
Software Opal Estate Pro Type Plugin Vulnerable versions = 1.7.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3666 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b27bd5923011 Credits emad Required privilege...