Vulnerabilities > Smartdatasoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-14 | CVE-2025-23857 | Cross-site Scripting vulnerability in Smartdatasoft Essential WP Real Estate Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Essential WP Real Estate allows Reflected XSS. | 6.1 |
| 2025-01-10 | CVE-2024-13318 | Unspecified vulnerability in Smartdatasoft Essential WP Real Estate The Essential WP Real Estate plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cl_delete_listing_func() function in all versions up to, and including, 1.1.3. | 5.3 |
| 2021-06-01 | CVE-2021-24335 | Unspecified vulnerability in Smartdatasoft CAR Repair Services & Auto Mechanic The Car Repair Services & Auto Mechanic WordPress theme before 4.0 did not properly sanitise its serviceestimatekey search parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting issue | 6.1 |