Smartdatasoft Essential_wp_real_estate
3 CVEs affecting Smartdatasoft Essential_wp_real_estate. Latest disclosed: 2025-02-14. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-23857 | High | 7.1 | 2025-02-14 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SmartDataSoft Essential WP Real Estate essential-wp-real-… |
CVE-2024-13347 | Medium | 6.8 | 2025-02-03 | The Essential WP Real Estate WordPress plugin through 1.1.3 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Sit… |
CVE-2024-13318 | Medium | 5.3 | 2025-01-10 | The Essential WP Real Estate plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cl_delete_listing_func() functi… |