2 matches found
CVE-2025-23994
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Estatebud Estatebud – Properties & Listings estatebud-properties-listings allows Stored XSS.This issue affects Estatebud – Properties & Listings: from n/a through = 5.5.0...
CVE-2025-23994
CVE-2025-23994 affects the WordPress plugin Estatebud – Properties & Listings (versions n/a–5.5.0). The issue is CSRF to Settings Update that enables Stored XSS due to improper input neutralization during web page generation. Impacts are Stored XSS in Estatebud pages, aligning with a CVSSv3.1 bas...