WordPress Realty Portal plugin <= 0.4.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Options Update vulnerability discovered by kr0d in WordPress Plugin Realty Portal versions = 0.4.1...

WordPress Realty by BestWebSoft plugin <= 1.1.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Realty by BestWebSoft versions = 1.1.5...

WordPress Realty by BestWebSoft Plugin <= 1.1.5 is vulnerable to Cross Site Scripting (XSS)

Software Realty by BestWebSoft Type Plugin Vulnerable versions = 1.1.5 Fixed in 1.1.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51786 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4df8b0c61c8a Credits SOPROBRO Required privilege...

WordPress Realty Workstation Plugin <= 1.0.45 is vulnerable to Broken Authentication

Software Realty Workstation Type Plugin Vulnerable versions = 1.0.45 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-50489 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 8f086511377f Credits...