G5plus: >> Essential Real Estate >> 5.0.0 Security Vulnerabilities
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in g5theme Essential Real Estate allows PHP Local File Inclusion. This issue affects Essential Real Estate: from n/a through 5.2.1.
CVSS Score
8.1
EPSS Score
0.002
Published
2025-06-09
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in g5theme Essential Real Estate allows PHP Local File Inclusion. This issue affects Essential Real Estate: from n/a through 5.2.0.
CVSS Score
8.1
EPSS Score
0.002
Published
2025-04-01
Cross-Site Request Forgery (CSRF) vulnerability in G5Theme Essential Real Estate allows Cross Site Request Forgery. This issue affects Essential Real Estate: from n/a through 5.1.8.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-01-24
The Essential Real Estate plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on several pages/post types in all versions up to, and including, 5.1.6. This makes it possible for authenticated attackers, with Contributor-level access and above, to access invoices and transaction logs
CVSS Score
4.3
EPSS Score
0.001
Published
2024-12-12