G5theme Essential Real Estate

9 CVEs affecting G5theme Essential Real Estate. Latest disclosed: 2025-12-16. Critical: 0, High: 3.

Top CVEs affecting G5theme Essential Real Estate
CVESeverityScorePublishedSummary
CVE-2025-48126High8.12025-06-09Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in g5theme Essential Real Estate essentia…
CVE-2025-30849High8.12025-04-01Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in g5theme Essential Real Estate essentia…
CVE-2023-6827High7.52023-12-15The Essential Real Estate plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'ajaxUploadFonts' functi…
CVE-2025-68071Medium6.52025-12-16Authorization Bypass Through User-Controlled Key vulnerability in g5theme Essential Real Estate essential-real-estate allows Exploiting Incorrectly Configured…
CVE-2024-4273Medium6.42024-06-04The Essential Real Estate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ere_property_map' shortcode in all versions up to…
CVE-2025-66127Medium5.32025-12-16Missing Authorization vulnerability in g5theme Essential Real Estate essential-real-estate allows Exploiting Incorrectly Configured Access Control Security Lev…
CVE-2025-24698Medium4.32025-01-24Cross-Site Request Forgery (CSRF) vulnerability in g5theme Essential Real Estate essential-real-estate allows Cross Site Request Forgery.This issue affects Ess…
CVE-2024-12329Medium4.32024-12-12The Essential Real Estate plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on several pages/post types in al…
CVE-2024-4274Medium4.32024-06-04The Essential Real Estate plugin for WordPress is vulnerable to unauthorized loss of data due to insufficient validation on the remove_property_attachment_ajax…