Essential Wp Real Estate

essential_wp_real_estate

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-23857 1Smartdatasoft 1Essential Wp Real Estate Apr 23, 2026 Feb 14, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SmartDataSoft Essential WP Real Estate essential-wp-real-estate allows Reflected XSS.This issue affects Essential WP R...Show more Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SmartDataSoft Essential WP Real Estate essential-wp-real-estate allows Reflected XSS.This issue affects Essential WP Real Estate: from n/a through <= 1.1.3.Show less
CVE-2024-13347 1Smartdatasoft 1Essential Wp Real Estate Apr 18, 2025 Feb 3, 2025 N/A· v4 6.8 MEDIUM· v3 N/A· v2 The Essential WP Real Estate WordPress plugin through 1.1.3 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting.
CVE-2024-13318 1Smartdatasoft 1Essential Wp Real Estate Feb 25, 2025 Jan 10, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The Essential WP Real Estate plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cl_delete_listing_func() function in all versions up to, and including, 1.1.3. This makes it...Show more The Essential WP Real Estate plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cl_delete_listing_func() function in all versions up to, and including, 1.1.3. This makes it possible for unauthenticated attackers to delete arbitrary pages and posts.Show less