Description
WordPress Plugin WP-Property-WordPress Powered Real Estate and Property Management is prone to an information disclosure vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin WP-Property-WordPress Powered Real Estate and Property Management version 1.38.3.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.38.4 or latest
References
Related Vulnerabilities
LimeSurvey Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-16177)
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2020-13950)
WordPress Plugin Stock Ticker Security Bypass (3.23.0)
WordPress Plugin Fusion:Extension-Map Multiple Unspecified Vulnerabilities (1.0.3)
WordPress Plugin Google Sitemap by BestWebSoft Cross-Site Scripting (2.9.1)