Realestateconnected Easy Property Listings — known CVE vulnerabilities
Every CVE whose affected-product data names Realestateconnected Easy Property Listings, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2020-5530 — CVSS 8.8 (high): Cross-site request forgery (CSRF) vulnerability in Easy Property Listings versions prior to 3.4 allows remote attackers to hijack the…
CVE-2024-1893 — CVSS 8.8 (high): The Easy Property Listings plugin for WordPress is vulnerable to time-based SQL Injection via the ‘property_status’ shortcode attribute…
CVE-2024-2869 — CVSS 4.8 (medium): The Easy Property Listings WordPress plugin before 3.5.4 does not sanitise and escape some of its settings, which could allow high…
CVE-2024-3163 — CVSS 4.3 (medium): The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting contacts in bulk, which could allow…