G5theme Essential Real Estate
9 CVEs affecting G5theme Essential Real Estate. Latest disclosed: 2025-12-16. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-48126 | High | 8.1 | 2025-06-09 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in g5theme Essential Real Estate essentia… |
CVE-2025-30849 | High | 8.1 | 2025-04-01 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in g5theme Essential Real Estate essentia… |
CVE-2023-6827 | High | 7.5 | 2023-12-15 | The Essential Real Estate plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'ajaxUploadFonts' functi… |
CVE-2025-68071 | Medium | 6.5 | 2025-12-16 | Authorization Bypass Through User-Controlled Key vulnerability in g5theme Essential Real Estate essential-real-estate allows Exploiting Incorrectly Configured… |
CVE-2024-4273 | Medium | 6.4 | 2024-06-04 | The Essential Real Estate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ere_property_map' shortcode in all versions up to… |
CVE-2025-66127 | Medium | 5.3 | 2025-12-16 | Missing Authorization vulnerability in g5theme Essential Real Estate essential-real-estate allows Exploiting Incorrectly Configured Access Control Security Lev… |
CVE-2025-24698 | Medium | 4.3 | 2025-01-24 | Cross-Site Request Forgery (CSRF) vulnerability in g5theme Essential Real Estate essential-real-estate allows Cross Site Request Forgery.This issue affects Ess… |
CVE-2024-12329 | Medium | 4.3 | 2024-12-12 | The Essential Real Estate plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on several pages/post types in al… |
CVE-2024-4274 | Medium | 4.3 | 2024-06-04 | The Essential Real Estate plugin for WordPress is vulnerable to unauthorized loss of data due to insufficient validation on the remove_property_attachment_ajax… |