Exploit for #VU29338 Cross-site scripting in Nexos

Exploit for #VU29338 Cross-site scripting in Nexos - Real Estate WordPress Theme

Published: 2021-06-17

Vulnerability identifier: #VU29338

Vulnerability risk: Low

CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2020-15364

CWE-ID: CWE-79

Exploitation vector: Network

Exploits in database: 1

June 17, 2021
- WordPress Theme NexosReal Estate 1.7 - 'search_order' SQL Injection [Exploit-DB]

Impact: Information disclosure and data manipulation

Vulnerable software:
Nexos - Real Estate WordPress Theme
Web applications / Modules and components for CMS

Vendor: sanljiljan