CVE-2024-13347 Information

Description

The Essential WP Real Estate WordPress plugin through 1.1.3 does not escape generated URLs before outputting them in attributes leading to Reflected Cross-Site Scripting.

Reference

https://wpscan.com/vulnerability/e2f97636-4c67-409a-83c6-ad6255aa2cc5/