CVE-2024-13710

The Estatebud – Properties & Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.5.0. This is due to missing or incorrect nonce validation on the 'estatebudsettings' page. This makes it possible for unauthenticated attackers to update...

CVE-2024-13710 Estatebud – Properties & Listings <= 5.5.0 - Cross-Site Request Forgery to Settings Update

The Estatebud – Properties & Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.5.0. This is due to missing or incorrect nonce validation on the 'estatebudsettings' page. This makes it possible for unauthenticated attackers to update...

CVE-2025-23994 WordPress Estatebud – Properties & Listings plugin <= 5.5.0 - CSRF to Settings Update & Stored XSS vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Estatebud Estatebud – Properties & Listings estatebud-properties-listings allows Stored XSS.This issue affects Estatebud – Properties & Listings: from n/a through = 5.5.0...

WordPress plugin Estatebud – Properties & Listings 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...