Realestateconnected
realestateconnected
6 CVEs • 1 product
Products (1)
Click to collapseToggle
Products (1)
Click to collapse
CVEs (6)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Realestateconnected 1Easy Property Listings Jun 17, 2026 May 15, 2025 N/A· v4 4.8 MEDIUM· v3 N/A· v2 The Easy Property Listings WordPress plugin before 3.5.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when th...Show more |
1Realestateconnected 1Easy Property Listings Jun 17, 2026 Sep 12, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting contacts in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack |
1Realestateconnected 1Easy Property Listings Jun 17, 2026 Jun 9, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Missing Authorization vulnerability in Merv Barrett Easy Property Listings.This issue affects Easy Property Listings: from n/a through 3.5.3. |
1Realestateconnected 1Easy Property Listings Jun 17, 2026 Apr 9, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 The Easy Property Listings plugin for WordPress is vulnerable to time-based SQL Injection via the ‘property_status’ shortcode attribute in all versions up to, and including, 3.5.2 due to insufficient escaping on the user...Show more |
1Realestateconnected 1Easy Property Listings Jun 17, 2026 Feb 18, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in Easy Property Listings versions prior to 3.4 allows remote attackers to hijack the authentication of administrators via unspecified vectors. |
1Realestateconnected 1Easy Property Listings Jun 17, 2026 Aug 30, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The easy-property-listings plugin before 3.4 for WordPress has XSS. |