cleantalk
Vulnerabilities and Security Researches

Easy Property Listings, CVE-2024-2869

CVE, Research URL

CVE-2024-2869

Home page URL

Security reports for Easy Property Listings

Application

Easy Property Listings

Published on
May 16, 2025
Research Description
The Easy Property Listings WordPress plugin before 3.5.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions
Min -, max 3.5.4.
Status
vulnerable
Previous vulnerability researches
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2019-25143) , Jun 07, 2024
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (7d5b4ba83a5c6004460bf267fe534a359e1416b0) , Jun 07, 2024
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2023-4013) , Jun 07, 2024
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2025-1621) , Mar 14, 2025
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2025-1620) , Mar 14, 2025
New vulnerability
EU/UK VAT Manager for WooCommerce (CVE-2025-47504) , Jun 02, 2025
Tournamatch (CVE-2025-4594) , Jun 02, 2025
WP YouTube Video Optimizer (CVE-2025-4217) , Jun 02, 2025
Relevanssi – A Better Search (CVE-2025-5016) , Jun 02, 2025
Offsprout Page Builder (CVE-2025-4672) , Jun 02, 2025