Vulnerabilities and Security Researches

Essential Real Estate, CVE-2022-3933

CVE, Research URL: CVE-2022-3933
Home page URL: Security reports for Essential Real Estate
Application: Essential Real Estate
Published on: Dec 12, 2022
Research Description: The Essential Real Estate WordPress plugin before 3.9.6 does not sanitize and escapes some parameters, which could allow users with a role as low as Admin to perform Cross-Site Scripting attacks.
Affected versions: Min -, max 1.7.2.
Status: vulnerable