PatchSiren

Property Hive CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Property Hive CVE published 2026-07-13

CVE-2026-57381

A reflected cross-site scripting (XSS) vulnerability was discovered in the PropertyHive WordPress plugin up to version 2.2.3. This issue allows an attacker to inject malicious scripts into web pages, potentially leading to unauthorized actions or data theft. The vulnerability has a CVSS score of 7.1 and is considered HIGH severity. Users of the PropertyHive WordPress plugin, particularly those with versio [truncated]