cleantalk
Vulnerabilities and Security Researches

Easy Property Listings, CVE-2024-3163

CVE, Research URL

CVE-2024-3163

Home page URL

Security reports for Easy Property Listings

Application

Easy Property Listings

Published on
Sep 12, 2024
Research Description
The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting contacts in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack
Affected versions
max 3.5.4.
Status
vulnerable
Previous vulnerability researches
Easy Property Listings (CVE-2024-32799) , Jun 07, 2024
Easy Property Listings (CVE-2020-5530) , Jun 07, 2024
Easy Property Listings (CVE-2019-15817) , Jun 07, 2024
Easy Property Listings (CVE-2024-1893) , Jun 07, 2024
Easy Property Listings (CVE-2024-2869) , May 31, 2025
New vulnerability
GitHub Gist Shortcode Plugin (CVE-2025-12667) , Dec 12, 2025
Cryptocurrency Payment Gateway for WooCommerce (CVE-2025-12392) , Dec 12, 2025
Wbcom Designs – Private Community for BuddyPress (CVE-2025-67582) , Dec 12, 2025
WP-Walla (CVE-2025-12589) , Dec 12, 2025
Master Addons for Elementor (CVE-2025-63055) , Dec 12, 2025