Vulnerabilities > Realestateconnected > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-12 | CVE-2024-3163 | Cross-Site Request Forgery (CSRF) vulnerability in Realestateconnected Easy Property Listings The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting contacts in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack | 4.3 |
| 2019-08-30 | CVE-2019-15817 | Cross-site Scripting vulnerability in Realestateconnected Easy Property Listings The easy-property-listings plugin before 3.4 for WordPress has XSS. | 6.1 |