WordPress PropertyHive Plugin <= 1.5.46 is vulnerable to Cross Site Scripting (XSS)
CVE-2023-29172
7.1HIGH
What is CVE-2023-29172?
The PropertyHive plugin for WordPress, in versions up to and including 1.5.46, is susceptible to an unauthenticated reflected Cross-Site Scripting (XSS) vulnerability. This security flaw allows attackers to inject malicious scripts into webpages viewed by users. If exploited, this vulnerability could lead to significant security risks, allowing unauthorized actions or data theft against users interacting with affected sites.
Affected Version(s)
PropertyHive <= 1.5.46