Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Propertyhive
(Wp\-Property\-Hive)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 13 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-01-08 | CVE-2024-12585 | The Property Hive WordPress plugin before 2.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | Propertyhive | N/A | ||
| 2024-05-02 | CVE-2024-3607 | The PropertyHive plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the delete_key_date() function in all versions up to, and including, 2.0.12. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary posts | Propertyhive | N/A | ||
| 2024-03-26 | CVE-2024-24718 | Missing Authorization vulnerability in PropertyHive.This issue affects PropertyHive: from n/a through 2.0.6. | Propertyhive | 6.5 | ||
| 2024-03-27 | CVE-2024-29923 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PropertyHive allows Reflected XSS.This issue affects PropertyHive: from n/a through 2.0.8. | Propertyhive | 6.1 | ||
| 2024-05-06 | CVE-2024-34381 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PropertyHive allows Stored XSS.This issue affects PropertyHive: from n/a through 2.0.10. | Propertyhive | 5.4 | ||
| 2024-11-01 | CVE-2024-37204 | Missing Authorization vulnerability in PropertyHive PropertyHive allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PropertyHive: from n/a through 2.0.9. | Propertyhive | 4.3 | ||
| 2024-04-11 | CVE-2024-27985 | Deserialization of Untrusted Data vulnerability in PropertyHive.This issue affects PropertyHive: from n/a through 2.0.9. | Propertyhive | 8.8 | ||
| 2023-04-07 | CVE-2023-29172 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PropertyHive plugin <= 1.5.46 versions. | Propertyhive | 6.1 | ||
| 2023-05-15 | CVE-2023-22706 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PropertyHive plugin <= 1.5.48 versions. | Propertyhive | 6.1 | ||
| 2024-02-12 | CVE-2024-23513 | Deserialization of Untrusted Data vulnerability in PropertyHive.This issue affects PropertyHive: from n/a through 2.0.5. | Propertyhive | 9.8 |