Security for everyone

CVE-2021-24237 Scanner

Detects 'Cross-Site Scripting (XSS)' vulnerability in Realteo plugin for WordPress affects v. before 1.2.4.


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one


Parent Category

CVE-2021-24237 Scanner Detail

The Realteo WordPress plugin is a widely used tool that is integrated with the Findeo Theme. This plugin allows real estate agents to manage their properties by creating listings, managing contacts, and conducting property searches. The integration between Realteo and the Findeo Theme is intended to provide users with a seamless and easy-to-use experience.

Recently, a security vulnerability has been detected in the Realteo plugin with the code CVE-2021-24237. This flaw is related to the way the plugin sanitizes user input before outputting it in the properties page. Specifically, it fails to sanitize the keyword_search, search_radius, _bedrooms, and _bathrooms GET parameters. This unauthenticated reflected Cross-Site Scripting issue could allow attackers to inject malicious code into the website's output and steal sensitive data, such as user credentials or credit card information.

If exploited, the CVE-2021-24237 vulnerability can lead to a number of negative consequences for both the website owner and its users. Attackers can use this flaw to leverage targeted phishing or social engineering attacks, as well as perform data exfiltration or denial of service attacks. Additionally, a successful exploitation can damage the website's reputation and result in a loss of customer trust and confidence.

In conclusion, the CVE-2021-24237 vulnerability detected in the Realteo WordPress plugin can have severe consequences if exploited by attackers. However, by following the appropriate precautions and working with a trusted security provider like, website owners can safeguard their digital assets and provide a secure and reliable online experience for their users.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture