CVE-2023-6141
CVSS 3.1 Score 5.4 of 10 (medium)
Details
Summary
CVE-2023-6141 is a vulnerability affecting the Essential Real Estate WordPress plugin before version 4.4.0. This issue fails to implement adequate capability checks on its AJAX actions, resulting in a Stored XSS (Cross-Site Scripting) vulnerability. Malicious users with subscriber access can exploit this flaw to inject malicious scripts into a victim's WordPress site, potentially stealing sensitive information or taking control of the site. This vulnerability poses a significant risk to websites using the affected plugin and requires an immediate update to the latest version to mitigate it.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.