Wpopal Opal Estate Pro Property Management And Submission vulnerabilities
2 known vulnerabilities affecting wpopal/opal_estate_pro_property_management_and_submission.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2025-6934P1CRITICALCVSS 9.8PoC≤ 1.7.52025-07-01
CVE-2025-6934 [CRITICAL] CWE-269 CVE-2025-6934: The Opal Estate Pro – Property Management and Submission plugin for WordPress, used by the FullHouse
The Opal Estate Pro – Property Management and Submission plugin for WordPress, used by the FullHouse - Real Estate Responsive WordPress Theme, is vulnerable to privilege escalation via in all versions up to, and including, 1.7.5. This is due to a lack of role restriction during registration in the 'on_regiser_user' function. This makes it possible f
nvd
CVE-2024-3666P4MEDIUMCVSS 6.4≤ 1.7.62024-05-22
CVE-2024-3666 [MEDIUM] CWE-87 CVE-2024-3666: The Opal Estate Pro – Property Management and Submission plugin for WordPress is vulnerable to Store
The Opal Estate Pro – Property Management and Submission plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the agent latitude and longitude parameters in all versions up to, and including, 1.7.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and
nvd