Vulnerabilities and security researches forreal-estate-manager real-estate-manager

Jul 03, 2025

CVE, Research URL: CVE-2025-52825
Home page URL: Security reports for Real Estate Manager – Property Listing and Agent Management
Application: Real Estate Manager – Property Listing and Agent Management
Date: Jun 20, 2025
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Rameez Iqbal Real Estate Manager allows Privilege Escalation. This issue affects Real Estate Manager: from n/a through 7.3.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: CVE-2025-50044
Home page URL: Security reports for Real Estate Manager – Property Listing and Agent Management
Application: Real Estate Manager – Property Listing and Agent Management
Date: Jun 20, 2025
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Rameez Iqbal Real Estate Manager allows Cross Site Request Forgery. This issue affects Real Estate Manager: from n/a through 7.3.
Affected versions: Min -, max -.
Status: vulnerable

Apr 19, 2025

CVE, Research URL: CVE-2025-32596
Home page URL: Security reports for Real Estate Manager – Property Listing and Agent Management
Application: Real Estate Manager – Property Listing and Agent Management
Date: Apr 17, 2025
Research Description: Improper Control of Generation of Code ('Code Injection') vulnerability in Rameez Iqbal Real Estate Manager allows Code Injection. This issue affects Real Estate Manager: from n/a through 7.3.
Affected versions: Min -, max -.
Status: vulnerable

Apr 12, 2025

CVE, Research URL: CVE-2025-32668
Home page URL: Security reports for Real Estate Manager – Property Listing and Agent Management
Application: Real Estate Manager – Property Listing and Agent Management
Date: Apr 10, 2025
Research Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Rameez Iqbal Real Estate Manager allows PHP Local File Inclusion. This issue affects Real Estate Manager: from n/a through 7.3.
Affected versions: Min -, max -.
Status: vulnerable

Apr 06, 2025

CVE, Research URL: CVE-2025-32150
Home page URL: Security reports for Real Estate Manager – Property Listing and Agent Management
Application: Real Estate Manager – Property Listing and Agent Management
Date: Apr 04, 2025
Research Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Rameez Iqbal Real Estate Manager allows PHP Local File Inclusion. This issue affects Real Estate Manager: from n/a through 7.3.
Affected versions: Min -, max -.
Status: vulnerable

Feb 21, 2025

CVE, Research URL: CVE-2025-22645
Home page URL: Security reports for Real Estate Manager – Property Listing and Agent Management
Application: Real Estate Manager – Property Listing and Agent Management
Date: Feb 19, 2025
Research Description: Improper Restriction of Excessive Authentication Attempts vulnerability in Rameez Iqbal Real Estate Manager allows Password Brute Forcing. This issue affects Real Estate Manager: from n/a through 7.3.
Affected versions: Min -, max -.
Status: vulnerable

Jun 10, 2024

CVE, Research URL: CVE-2023-4239
Home page URL: Security reports for Real Estate Manager – Property Listing and Agent Management
Application: Real Estate Manager – Property Listing and Agent Management
Date: -
Research Description: The Real Estate Manager plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 7.2 due to insufficient restriction on the 'rem_save_profile_front' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'wp_capabilities' parameter during a profile update.
Affected versions: Min -, max -.
Status: vulnerable