VYPR

Impress for IDX Broker

by WordPress

CVEs (4)

  • CVE-2025-31556MedMar 31, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IDX Broker IMPress for IDX Broker idx-broker-platinum allows Stored XSS.This issue affects IMPress for IDX Broker: from n/a through <= 3.2.3.

  • CVE-2024-44047MedSep 17, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IDX Broker IMPress for IDX Broker idx-broker-platinum allows Stored XSS.This issue affects IMPress for IDX Broker: from n/a through <= 3.2.2.

  • CVE-2020-9514MedApr 7, 2020
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered in the IMPress for IDX Broker plugin before 2.6.2 for WordPress. wrappers.php allows a logged-in user (with the Subscriber role) to permanently delete arbitrary posts and pages, create new posts with arbitrary subjects, and modify the subjects of existing…

  • CVE-2020-11512MedApr 7, 2020
    risk 0.35cvss 5.4epss 0.01

    Stored XSS in the IMPress for IDX Broker WordPress plugin before 2.6.2 allows authenticated attackers with minimal (subscriber-level) permissions to save arbitrary JavaScript in the plugin's settings panel via the idx_update_recaptcha_key AJAX action and a crafted…