Skip to main content

Real Estate Manager Pro

1 CVEs product

Monthly

CVE-2026-57398 HIGH This Week

Reflected cross-site scripting in the WebCodingPlace Real Estate Manager Pro WordPress plugin (all versions up to and including 12.8.3) allows a remote attacker to inject arbitrary JavaScript that executes in a victim's browser when they follow a crafted link. Because the CVSS scope is changed (S:C), successful execution can affect the broader WordPress session/DOM beyond the vulnerable component. No public exploit identified at time of analysis, and it is not listed in CISA KEV; EPSS was not supplied.

XSS Real Estate Manager Pro
NVD
CVSS 3.1
7.1
EPSS
0.3%
EPSS 0% CVSS 7.1
HIGH This Week

Reflected cross-site scripting in the WebCodingPlace Real Estate Manager Pro WordPress plugin (all versions up to and including 12.8.3) allows a remote attacker to inject arbitrary JavaScript that executes in a victim's browser when they follow a crafted link. Because the CVSS scope is changed (S:C), successful execution can affect the broader WordPress session/DOM beyond the vulnerable component. No public exploit identified at time of analysis, and it is not listed in CISA KEV; EPSS was not supplied.

XSS Real Estate Manager Pro
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy