Essential Wp Real Estate@* Security Vulnerabilities and Issues — Essential Wp Real Estate@* CVE List

Lucene search

SmartdatasoftEssential Wp Real Estate*

3 matches found

CVE•added 2025/02/14 1:15 p.m.•48 views

CVE-2025-23857

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Essential WP Real Estate allows Reflected XSS. This issue affects Essential WP Real Estate: from n/a through 1.1.3.

7.1CVSS7AI score0.00037EPSS

CVE•added 2025/02/03 6:15 a.m.•47 views

CVE-2024-13347

The Essential WP Real Estate WordPress plugin through 1.1.3 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting.

6.8CVSS6.4AI score0.00036EPSS

CVE•added 2025/01/10 12:15 p.m.•43 views

CVE-2024-13318

The Essential WP Real Estate plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cl_delete_listing_func() function in all versions up to, and including, 1.1.3. This makes it possible for unauthenticated attackers to delete arbitrary pages and posts.

5.3CVSS5.2AI score0.00075EPSS