Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Wed, 10 Jun 2026 01:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
cvssV3_1
|
Fri, 05 Jun 2026 10:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Fruitfulcode
Fruitfulcode zoner Real Estate Wordpress Wordpress wordpress |
|
| Vendors & Products |
Fruitfulcode
Fruitfulcode zoner Real Estate Wordpress Wordpress wordpress |
Thu, 04 Jun 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 04 Jun 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | WordPress Theme Zoner Real Estate 4.1.1 contains a persistent cross-site scripting vulnerability that allows authenticated agents to inject malicious scripts through the Address input field when creating properties. Attackers can inject JavaScript payloads in the property creation form that execute when administrators view the property for approval, enabling cookie theft and session hijacking. | |
| Title | WordPress Theme Zoner Real Estate 4.1.1 Persistent XSS | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2026-06-10T01:23:50.714Z
Reserved: 2026-06-04T11:12:23.929Z
Link: CVE-2019-25742
Updated: 2026-06-04T13:59:54.441Z
Status : Deferred
Published: 2026-06-04T14:16:33.107
Modified: 2026-06-10T02:16:32.027
Link: CVE-2019-25742
No data.
OpenCVE Enrichment
Updated: 2026-06-05T10:07:46Z