CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32596 – WordPress Real Estate Manager plugin <= 7.3 - Arbitrary Code Execution vulnerability
https://notcve.org/view.php?id=CVE-2025-32596
15 Apr 2025 — Improper Control of Generation of Code ('Code Injection') vulnerability in Rameez Iqbal Real Estate Manager allows Code Injection. This issue affects Real Estate Manager: from n/a through 7.3. The Real Estate Manager – Property Listing and Agent Management plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 7.3. This makes it possible for unauthenticated attackers to execute code on the server. • https://patchstack.com/database/wordpress/plugin/real-estate-manager/vulnerability/wordpress-real-estate-manager-plugin-7-3-arbitrary-code-execution-vulnerability?_s_id=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32668 – WordPress Real Estate Manager plugin <= 7.3 - Local File Inclusion vulnerability
https://notcve.org/view.php?id=CVE-2025-32668
09 Apr 2025 — Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Rameez Iqbal Real Estate Manager allows PHP Local File Inclusion. This issue affects Real Estate Manager: from n/a through 7.3. The Real Estate Manager plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 7.3. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP ... • https://patchstack.com/database/wordpress/plugin/real-estate-manager/vulnerability/wordpress-real-estate-manager-plugin-7-3-local-file-inclusion-vulnerability-2?_s_id=cve • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32150 – WordPress Real Estate Manager plugin <= 7.3 - Local File Inclusion vulnerability
https://notcve.org/view.php?id=CVE-2025-32150
04 Apr 2025 — Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Rameez Iqbal Real Estate Manager allows PHP Local File Inclusion. This issue affects Real Estate Manager: from n/a through 7.3. The Real Estate Manager plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 7.3. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary files on the se... • https://patchstack.com/database/wordpress/plugin/real-estate-manager/vulnerability/wordpress-real-estate-manager-plugin-7-3-local-file-inclusion-vulnerability?_s_id=cve • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-22645 – WordPress Real Estate Manager – Property Listing and Agent Management plugin <= 7.3 - Captcha Bypass Vulnerability vulnerability
https://notcve.org/view.php?id=CVE-2025-22645
03 Feb 2025 — Improper Restriction of Excessive Authentication Attempts vulnerability in Rameez Iqbal Real Estate Manager allows Password Brute Forcing. This issue affects Real Estate Manager: from n/a through 7.3. The Real Estate Manager – Property Listing and Agent Management plugin for WordPress is vulnerable to CAPTCHA Bypass in all versions up to, and including, 7.3. This makes it possible for unauthenticated attackers to bypass CAPTCHA. • https://patchstack.com/database/wordpress/plugin/real-estate-manager/vulnerability/wordpress-real-estate-manager-property-listing-and-agent-management-plugin-7-3-captcha-bypass-vulnerability-vulnerability?_s_id=cve • CWE-307: Improper Restriction of Excessive Authentication Attempts CWE-804: Guessable CAPTCHA •