CVE-2023-6050
Estatik Real Estate Plugin < 4.1.1 - Reflected XSS
The Estatik Real Estate Plugin WordPress plugin before 4.1.1 does not sanitise and escape various parameters and generated URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected products
Unknown · Estatik Real Estate PluginWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →