cleantalk
Vulnerabilities and Security Researches

Easy Property Listings, CVE-2024-3163

CVE, Research URL

CVE-2024-3163

Home page URL

Security reports for Easy Property Listings

Application

Easy Property Listings

Published on
Sep 12, 2024
Research Description
The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting contacts in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack
Affected versions
Min -, max 3.5.4.
Status
vulnerable
Previous vulnerability researches
Easy Property Listings (CVE-2024-32799) , Jun 07, 2024
Easy Property Listings (CVE-2020-5530) , Jun 07, 2024
Easy Property Listings (CVE-2019-15817) , Jun 07, 2024
Easy Property Listings (CVE-2024-1893) , Jun 07, 2024
Easy Property Listings (CVE-2024-2869) , May 31, 2025
New vulnerability
Post Slider and Post Carousel with Post Vertical Scrolling Widget – A Responsive Post Slider (CVE-2025-4567) , Jun 06, 2025
Popup Maker – Popup for opt-ins, lead gen, & more (CVE-2025-4205) , Jun 06, 2025
MaxiBlocks Free Page Builder & Template Library (CVE-2025-47601) , Jun 06, 2025
MetalpriceAPI (CVE-2025-48140) , Jun 05, 2025
Broken Link Checker (CVE-2025-4047) , Jun 05, 2025