cleantalk
Vulnerabilities and Security Researches

Essential Real Estate, CVE-2022-3933

CVE, Research URL

CVE-2022-3933

Home page URL

Security reports for Essential Real Estate

Application

Essential Real Estate

Published on
Dec 12, 2022
Research Description
The Essential Real Estate WordPress plugin before 3.9.6 does not sanitize and escapes some parameters, which could allow users with a role as low as Admin to perform Cross-Site Scripting attacks.
Affected versions
max 3.9.6.
Status
vulnerable
Previous vulnerability researches
Essential Real Estate (CVE-2022-3933) , Jun 07, 2024
Essential Real Estate (CVE-2024-4273) , Jun 07, 2024
Essential Real Estate (CVE-2023-6827) , Jun 07, 2024
Essential Real Estate (CVE-2023-6139) , Jun 07, 2024
Essential Real Estate (CVE-2023-6141) , Jun 07, 2024
New vulnerability
OOPSpam Anti-Spam (CVE-2026-32544) , Mar 31, 2026
NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor (CVE-2026-27042) , Mar 31, 2026
The Conference (CVE-2026-32335) , Mar 31, 2026
WP Booking System – Booking Calendar (CVE-2025-68515) , Mar 31, 2026
UPI QR Code Payment Gateway for WooCommerce (CVE-2025-67969) , Mar 31, 2026