Vulnerabilities > Smartdatasoft > Essential WP Real Estate > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-14 | CVE-2025-23857 | Cross-site Scripting vulnerability in Smartdatasoft Essential WP Real Estate Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Essential WP Real Estate allows Reflected XSS. | 6.1 |
| 2025-01-10 | CVE-2024-13318 | Unspecified vulnerability in Smartdatasoft Essential WP Real Estate The Essential WP Real Estate plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cl_delete_listing_func() function in all versions up to, and including, 1.1.3. | 5.3 |