Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Propertyhive
(Wp\-Property\-Hive)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 13 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-01-08 | CVE-2024-12585 | The Property Hive WordPress plugin before 2.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | Propertyhive | N/A | ||
| 2024-05-02 | CVE-2024-3607 | The PropertyHive plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the delete_key_date() function in all versions up to, and including, 2.0.12. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary posts | Propertyhive | N/A | ||
| 2024-03-26 | CVE-2024-24718 | Missing Authorization vulnerability in PropertyHive.This issue affects PropertyHive: from n/a through 2.0.6. | Propertyhive | 6.5 |