CVE-2024-4273

The Essential Real Estate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'erepropertymap' shortcode in all versions up to, and including, 4.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

@dstanesc/shared-property-map (>=0.0.9 <=0.0.11), @fluid-experimental/partial-checkout (>=0.51.0 <=2.0.0-internal.2.0.4) +10 more potentially affected by CVE-2022-41714 via fastest-json-copy (=1.0.1)

fastest-json-copy NPM version =1.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on fastest-json-copy and may be impacted: - @dstanesc/shared-property-map =0.0.9, =0.51.0, =0.51.0, =0.51.0, =0.51.0, =0.51.0, =0.51.0, =0.51.0, =0.51.0, =0.51.0, =2.0.0,...