Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebCodingPlace Real Estate Manager Pro allows Reflected XSS. This issue affects Real Estate Manager Pro: from n/a through 12.7.3.
Fixes

Solution

Update the WordPress Real Estate Manager Pro plugin to the latest available version (at least 12.7.4).


Workaround

No workaround given by the vendor.

History

Sun, 24 Aug 2025 22:30:00 +0000

Type Values Removed Values Added
First Time appeared Webcodingplace
Webcodingplace real Estate Manager
Wordpress
Wordpress wordpress
Vendors & Products Webcodingplace
Webcodingplace real Estate Manager
Wordpress
Wordpress wordpress

Wed, 20 Aug 2025 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 20 Aug 2025 08:15:00 +0000

Type Values Removed Values Added
Description Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebCodingPlace Real Estate Manager Pro allows Reflected XSS. This issue affects Real Estate Manager Pro: from n/a through 12.7.3.
Title WordPress Real Estate Manager Pro Plugin <= 12.7.3 - Cross Site Scripting (XSS) Vulnerability
Weaknesses CWE-79
References
Metrics cvssV3_1

{'score': 7.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published:

Updated: 2025-08-20T14:48:40.239Z

Reserved: 2025-07-16T08:51:58.889Z

Link: CVE-2025-54032

cve-icon Vulnrichment

Updated: 2025-08-20T14:47:36.776Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-08-20T08:15:46.897

Modified: 2025-08-20T14:39:07.860

Link: CVE-2025-54032

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-08-24T22:19:09Z