Realestateconnected Easy_property_listings
6 CVEs affecting Realestateconnected Easy_property_listings. Latest disclosed: 2025-05-15. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-1893 | High | 8.8 | 2024-04-09 | The Easy Property Listings plugin for WordPress is vulnerable to time-based SQL Injection via the ‘property_status’ shortcode attribute in all versions up to… |
CVE-2020-5530 | High | 8.8 | 2020-02-18 | Cross-site request forgery (CSRF) vulnerability in Easy Property Listings versions prior to 3.4 allows remote attackers to hijack the authentication of adminis… |
CVE-2019-15817 | Medium | 6.1 | 2019-08-30 | The easy-property-listings plugin before 3.4 for WordPress has XSS. |
CVE-2024-32799 | Medium | 5.3 | 2024-06-09 | Missing Authorization vulnerability in Merv Barrett Easy Property Listings.This issue affects Easy Property Listings: from n/a through 3.5.3. |
CVE-2024-2869 | Medium | 4.8 | 2025-05-15 | The Easy Property Listings WordPress plugin before 3.5.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admi… |
CVE-2024-3163 | Medium | 4.3 | 2024-09-12 | The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting contacts in bulk, which could allow attackers to make a logged… |