Estatik Real Estate Plugin, CVE-2023-6050

CVE, Research URL: CVE-2023-6050
Home page URL: Security reports for Estatik Real Estate Plugin
Application: Estatik Real Estate Plugin
Published on: Jan 15, 2024
Research Description: The Estatik Real Estate Plugin WordPress plugin before 4.1.1 does not sanitise and escape various parameters and generated URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Affected versions: max 4.1.1.
Status: vulnerable