Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
EstatikEstatik

3 matches found

CVE
CVEadded 2024/01/15 4:15 p.m.36 views

CVE-2023-6048

The Estatik Real Estate Plugin WordPress plugin before 4.1.1 does not prevent user with low privileges on the site, like subscribers, from setting any of the site's options to 1, which could be used to break sites and lead to DoS when certain options are reset

6.5CVSS6.4AI score0.00098EPSS
Web
CVE
CVEadded 2024/01/15 4:15 p.m.36 views

CVE-2023-6050

The Estatik Real Estate Plugin WordPress plugin before 4.1.1 does not sanitise and escape various parameters and generated URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin

6.1CVSS6AI score0.00141EPSS
Web
CVE
CVEadded 2019/09/16 1:15 p.m.31 views

CVE-2016-10959

The estatik plugin before 2.3.1 for WordPress has authenticated arbitrary file upload (exploitable with CSRF) via es_media_images[] to wp-admin/admin-ajax.php.

6.5CVSS6.5AI score0.00445EPSS
Web