Vulnerabilities in Contempoinc

6 results

CVE-2021-24387—Real Estate 7 < 3.1.1 - Reflected Cross-Site Scripting (XSS)EPSS 3.7%CVE-2024-13421CRITICALReal Estate 7 WordPress <= 3.5.1 - Unauthenticated Privilege Escalation to AdministratorEPSS 0.7%CVE-2025-2891HIGHWP Pro Real Estate 7 <= 3.5.4 - Authenticated (Custom) Arbitrary File UploadEPSS 0.6%CVE-2022-47146HIGHWordPress Real Estate 7 Theme <= 3.3.1 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2025-39459HIGHWordPress Real Estate 7 theme <= 3.5.2 - Privilege Escalation vulnerabilityEPSS 0.3%CVE-2025-2906MEDIUMContempo Real Estate Core <= 3.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.3%