WordPress Plugin Vulnerabilities

Realteo < 1.2.4 - Unauthenticated Reflected Cross-Site Scripting (XSS)

Description

The plugin, used by the Findeo Theme, did not properly sanitise the keyword_search, search_radius. _bedrooms and _bathrooms GET parameters before outputting them in its properties page, leading to an unauthenticated reflected Cross-Site Scripting issue.

Proof of Concept

Affects Plugins

Plugin icon
realteo
Fixed in 1.2.4

Affects Themes

findeo
Fixed in 1.3.1

References

CVE
CVE-2021-24237
URL
https://www.docs.purethemes.net/findeo/knowledge-base/changelog-findeo/
URL
https://m0ze.ru/vulnerability/[2021-03-20]-[WordPress]-[CWE-79]-Findeo-WordPress-Theme-v1.3.0.txt
URL
https://m0ze.ru/vulnerability/[2021-03-20]-[WordPress]-[CWE-79]-Realteo-WordPress-Plugin-v1.2.3.txt

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
7.1 (high)

Miscellaneous

Original Researcher
m0ze
Submitter
m0ze
Submitter website
https://m0ze.ru
Submitter twitter
vladm0ze
Verified
Yes
WPVDB ID
087b27c4-289e-410f-af74-828a608a4e1e

Timeline

Publicly Published
2021-03-31 (about 4 years ago)
Added
2021-04-01 (about 4 years ago)
Last Updated
2021-04-03 (about 4 years ago)

Other

Published
Title
Published
2025-04-11
Title
Royal Elementor Addons and Templates < 1.7.1013 - Contributor+ DOM-Based Stored XSS
Published
2025-01-31
Title
Botnet Attack Blocker <= 2.0.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting
Published
2025-01-16
Title
ClickBank Storefront WordPress Plugin <= 1.7 - Reflected Cross-Site Scripting
Published
2025-01-08
Title
SimplyRETS Real Estate IDX < 3.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2024-11-28
Title
Devnex Addons For Elementor <= 1.0.9 - Contributor+ Stored XSS