Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Estatik — Vulnerabilities & Security Advisories 7

Browse all 7 CVE security advisories affecting Estatik. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Estatik is a real estate WordPress plugin enabling property listings and management functionality. Historically, it has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The plugin's 7 recorded CVEs highlight consistent security flaws, often stemming from insufficient input validation and improper access controls. Notable characteristics include its frequent appearance in vulnerability reports and its use in environments handling sensitive property data. While no major public incidents have been widely documented, the pattern of vulnerabilities suggests potential for exploitation in unpatched implementations, emphasizing the need for timely updates and security hardening.

Top products by Estatik: Estatik Mortgage Calculator Mortgage Calculator Estatik Estatik
CVE IDTitleCVSSSeverityPublished
CVE-2025-62963 WordPress Estatik plugin <= 4.3.1 - Cross Site Scripting (XSS) vulnerability — EstatikCWE-79 6.5 Medium2025-10-27
CVE-2025-48136 WordPress Mortgage Calculator Estatik plugin <= 2.0.12 - Local File Inclusion Vulnerability — Mortgage Calculator EstatikCWE-98 7.5 High2025-05-16
CVE-2025-26907 WordPress Estatik Mortgage Calculator plugin <= 2.0.12 - Local File Inclusion vulnerability — Mortgage Calculator EstatikCWE-79 7.5 High2025-02-25
CVE-2025-26905 WordPress Estatik plugin <= 4.3.0 - Local File Inclusion vulnerability — EstatikCWE-22 7.5 High2025-02-25
CVE-2024-9354 Estatik Mortgage Calculator <= 2.0.11 - Reflected Cross-Site Scripting — Estatik Mortgage CalculatorCWE-79 6.1 Medium2025-01-07
CVE-2023-28490 WordPress Mortgage Calculator Estatik Plugin <= 2.0.7 is vulnerable to Cross Site Scripting (XSS) — Estatik Mortgage CalculatorCWE-79 7.1 High2023-09-27
CVE-2023-40601 WordPress Mortgage Calculator Estatik Plugin <= 2.0.7 is vulnerable to Cross Site Scripting (XSS) — Estatik Mortgage CalculatorCWE-79 7.1 High2023-09-06

This page lists every published CVE security advisory associated with Estatik. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.