VYPR

Easy Property Listings

by Realestateconnected

CVEs (2)

  • CVE-2024-1893HigApr 9, 2024
    risk 0.57cvss 8.8epss 0.01

    The Easy Property Listings plugin for WordPress is vulnerable to time-based SQL Injection via the ‘property_status’ shortcode attribute in all versions up to, and including, 3.5.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation…

  • CVE-2025-68072MedJan 22, 2026
    risk 0.42cvss 6.5epss 0.00

    Missing Authorization vulnerability in Merv Barrett Easy Property Listings easy-property-listings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Property Listings: from n/a through <= 3.5.20.