Description
WordPress Plugin WP-Property-WordPress Powered Real Estate and Property Management is prone to an information disclosure vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin WP-Property-WordPress Powered Real Estate and Property Management version 1.38.3.2 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.38.4 or latest
References
Related Vulnerabilities
WordPress Plugin Open Graph for Facebook, Google+ and Twitter Card Tags Cross-Site Scripting (2.2.4)
PHP Improper Input Validation Vulnerability (CVE-2012-2336)
WordPress Plugin XData Toolkit Arbitrary File Upload (1.9)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1864)
Jboss EAP Improper Input Validation Vulnerability (CVE-2013-2185)