Vulnerabilities > Realestateconnected
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-12 | CVE-2024-3163 | Cross-Site Request Forgery (CSRF) vulnerability in Realestateconnected Easy Property Listings The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting contacts in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack | 4.3 |
2020-02-18 | CVE-2020-5530 | Cross-Site Request Forgery (CSRF) vulnerability in Realestateconnected Easy Property Listings Cross-site request forgery (CSRF) vulnerability in Easy Property Listings versions prior to 3.4 allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
2019-08-30 | CVE-2019-15817 | Cross-site Scripting vulnerability in Realestateconnected Easy Property Listings The easy-property-listings plugin before 3.4 for WordPress has XSS. | 6.1 |