Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability discovered by m0ze (Patchstack Red Team) in WordPress Real Estate 7 premium theme (versions <= 3.1.0). Vulnerable parameter: "&ct_community=".
Update the WordPress Real Estate 7 premium theme to the latest available version (at least 3.1.1). Changelog still doesn't show the latest version, but according to the research author issue is solved, and the patched version has a 3.1.1 number.
Found a vulnerability that puts your sites at risk?