CVE-2023-6139
Essential Real Estate < 4.4.0 - Subscriber+ Denial of Service via Arbitrary Option Update
The Essential Real Estate WordPress plugin before 4.4.0 does not apply proper capability checks on its AJAX actions, which among other things, allow attackers with a subscriber account to conduct Denial of Service attacks.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected products
Unknown · Essential Real EstateWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →