Description
WordPress Plugin WP-Property-WordPress Powered Real Estate and Property Management is prone to an information disclosure vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin WP-Property-WordPress Powered Real Estate and Property Management version 1.38.3.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.38.4 or latest
References
Related Vulnerabilities
Jboss EAP Improper Authentication Vulnerability (CVE-2011-4085)
WordPress Plugin WP Dynamic Keywords Injector Cross-Site Request Forgery (2.3.15)
WordPress Plugin Profile Builder-User Profile & User Registration Forms Cross-Site Scripting (2.2.4)
Drupal Incorrect Authorization Vulnerability (CVE-2022-25270)