Approved changes feed: RSS · Atom

cpe:2.3:a:smartdatasoft:essential_wp_real_estate:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorSmartdatasoft (875d6338-8531-58cb-89a0-6b7829646c61)
ProductEssential Wp Real Estate (9e0a8fa9-60e4-5a16-b801-660ecc115829)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-23857 vulnerable 2026-06-08 07:12:47.052374 WordPress Essential WP Real Estate Plugin <= 1.1.3 - Reflected Cross Site Scripting (XSS) vulnerability
HIGH (7.1)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SmartDataSoft Essential WP Real Estate essential-wp-real-estate allows Reflected XSS.This issue affects Essential WP Real Estate: from n/a through <= 1.1.3.
Published: 2025-02-14T12:44:33.569Z
Updated: 2026-05-11T23:35:21.477Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-13318 vulnerable 2026-06-08 06:25:37.266739 Essential WP Real Estate <= 1.1.3 - Missing Authorization to Arbitrary Post/Page Deletion
MEDIUM (5.3)
The Essential WP Real Estate plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cl_delete_listing_func() function in all versions up to, and including, 1.1.3. This makes it possible for unauthenticated attackers to delete arbitrary pages and posts.
Published: 2025-01-10T11:10:45.380Z
Updated: 2026-04-08T16:58:47.869Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.