4 matches found
CVE-2024-12525
creationtimestamp| type| source ---|---|--- 2025-02-18 05:15:27+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ligixcvgzg2p 2025-02-18 07:56:56+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/4745 2025-02-18 11:39:00+00:00| seen|...
CVE-2024-12525
The Easy MLS Listings Import plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-featured-listings' shortcode in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2024-12525 Easy MLS Listings Import <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Easy MLS Listings Import plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-featured-listings' shortcode in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2024-12525 Easy MLS Listings Import <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Easy MLS Listings Import plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-featured-listings' shortcode in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...