CVE-2024-3163

Publication date

2024-09-12 06:00:02

Family

WPScan

State

PUBLISHED

Description

The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting contacts in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack