Easy Property Listings <= 3.3.5 - XSS



Description
Changelog for 3.4 mentions:

- MAJOR Security Update Release. Important to update to the latest version to protect your website. Easy Property Listings has been reviewed and approved by the WordPress plugin team.
- This is a critical update to Easy Property Listings plugin that is focused on security enhancements. Update you site to this version.
- Fix: XSS security flaw.

Affects Plugin

fixed in version 3.4

References

CVE 2019-15817
URL https://plugins.trac.wordpress.org/changeset?new=2140896%40easy-property-listings&old=2138850%40easy-property-listings

Classification

Type XSS
OWASP Top 10 A7: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Views 2856
Verified No
WPVDB ID 9511

Timeline

Publicly Published 2019-08-17 (3 months ago)
Added 2019-08-18 (3 months ago)
Last Updated 2019-08-30 (3 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin