Smartdatasoft Essential Wp Real Estate — known CVE vulnerabilities
Every CVE whose affected-product data names Smartdatasoft Essential Wp Real Estate, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2025-23857 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SmartDataSoft Essential WP Real…
CVE-2024-13347 — CVSS 6.8 (medium): The Essential WP Real Estate WordPress plugin through 1.1.3 does not escape generated URLs before outputting them in attributes, leading to…
CVE-2024-13318 — CVSS 5.3 (medium): The Essential WP Real Estate plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the…