Severity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Unauthenticated network XSS (PR:N, AV:N) needing victim click (UI:R); injected script crosses into the browser context (S:C) with limited C/I/A impact typical of XSS.
Primary rating from Vendor (Patchstack).
CVSS VectorVendor: Patchstack
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Lifecycle Timeline
1DescriptionCVE.org
Unauthenticated Cross Site Scripting (XSS) in Real Estate 7 <= 3.5.9 versions.
AnalysisAI
Reflected/stored Cross-Site Scripting in the Real Estate 7 WordPress theme (contempoinc) versions 3.5.9 and earlier lets unauthenticated remote attackers inject arbitrary JavaScript that executes in a victim's browser when they interact with a crafted link or page. The scope-changing flaw (CVSS 3.1 7.1) can hijack sessions or perform actions in the victim's authenticated context, including administrators. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires no authentication (PR:N) but does require victim user interaction (UI:R) - a target must click an attacker-crafted link or visit a page carrying the malicious payload - and the site must run Real Estate 7 theme version 3.5.9 or earlier. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L, base 7.1 High) shows a network-reachable, low-complexity flaw requiring no privileges but requiring user interaction, with a scope change (S:C) reflecting that injected script executes in the browser context beyond the vulnerable component - the hallmark of XSS. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker crafts a URL pointing at a Real Estate 7 site with a malicious script embedded in a reflected parameter and distributes it via email or a listing link. When a logged-in site administrator or visitor clicks the link, the script executes in their browser under the site's origin, allowing session cookie theft, CSRF-token exfiltration, or actions performed as that user. … |
| Remediation | No vendor-released patch version is identified in the provided data, so upgrade to the vendor's latest patched release of Real Estate 7 above 3.5.9 as soon as ContempoInc publishes it, and monitor the Patchstack advisory (https://patchstack.com/database/wordpress/theme/realestate-7/vulnerability/wordpress-real-estate-7-theme-3-5-9-cross-site-scripting-xss-vulnerability?_s_id=cve) for the exact fix version. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Conduct asset inventory to identify all sites using Real Estate 7 theme version 3.5.9 or earlier; flag critical or customer-facing properties for immediate triage. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Real Estate 7
View allThe WP Pro Real Estate 7 WordPress theme before 3.1.1 did not properly sanitise the ct_community parameter in its search
The Real Estate 7 WordPress theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and includi
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-41343
GHSA-v47f-fhqp-6ffw