Vulnerabilities > Realestateconnected

DATE CVE VULNERABILITY TITLE RISK
2024-09-12 CVE-2024-3163 Cross-Site Request Forgery (CSRF) vulnerability in Realestateconnected Easy Property Listings
The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting contacts in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack
network
low complexity
realestateconnected CWE-352
4.3
2020-02-18 CVE-2020-5530 Cross-Site Request Forgery (CSRF) vulnerability in Realestateconnected Easy Property Listings
Cross-site request forgery (CSRF) vulnerability in Easy Property Listings versions prior to 3.4 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
6.8
2019-08-30 CVE-2019-15817 Cross-site Scripting vulnerability in Realestateconnected Easy Property Listings
The easy-property-listings plugin before 3.4 for WordPress has XSS.
4.3