← volver
CVE-2024-13347

Essential WP Real Estate <= 1.1.3 - Reflected XSS

CVSS 6.8 MEDIUMEPSS 0.5%CWE-79
The Essential WP Real Estate WordPress plugin through 1.1.3 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting.
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Productos afectados
Unknown · Essential WP Real Estate

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://wpscan.com/vulnerability/e2f97636-4c67-409a-83c6-ad6255aa2cc5/