First published: Fri Jan 10 2025(Updated: )
The Essential WP Real Estate plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cl_delete_listing_func() function in all versions up to, and including, 1.1.3. This makes it possible for unauthenticated attackers to delete arbitrary pages and posts.
Credit: security@wordfence.com
Affected Software | Affected Version | How to fix |
---|---|---|
G5plus Essential Real Estate | <=1.1.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.