Real Estate 7 < 3.0.5 - Unauthenticated Reflected XSS
An Unauthenticated Reflected XSS vulnerability was discovered in the Real Estate 7 theme v3.0.4 for WordPress.
Vulnerable parameters: ct_sqft_from, ct_sqft_to, ct_lotsize_from, ct_lotsize_to, ct_mls.
Edit (WPScanTeam): The issue has been hot-fixed in 3.0.4. So the fixed in has been set to 3.0.5 (the next version to be released)