CVE-2024-4274 - Vulnerability Details - OpenCVE

The Essential Real Estate plugin for WordPress is vulnerable to unauthorized loss of data due to insufficient validation on the remove_property_attachment_ajax() function in all versions up to, and including, 4.4.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary attachments.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
G5plus	Essential Real Estate

Configuration 1 [-]

cpe:2.3:a:g5plus:essential_real_estate:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://plugins.trac.wordpress.org/browser/essential-real-estate/trunk/public/partials/property/class-ere-property.php#L28
https://www.wordfence.com/threat-intel/vulnerabilities/id/7dc41eb7-5c9a-4a67-902d-9a855840668b?source=cve

History

Thu, 29 May 2025 20:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		G5plus G5plus essential Real Estate
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:a:g5plus:essential_real_estate::::::wordpress::*
Vendors & Products		G5plus G5plus essential Real Estate

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-06-04T05:32:15.727Z

Updated: 2024-08-01T20:33:53.031Z

Reserved: 2024-04-26T19:48:45.348Z

Link: CVE-2024-4274

Vulnrichment

Updated: 2024-08-01T20:33:53.031Z

NVD

Status : Analyzed

Published: 2024-06-04T06:15:11.133

Modified: 2025-05-29T20:21:29.303

Link: CVE-2024-4274

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-4274", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2024-04-26T19:48:45.348Z", "datePublished": "2024-06-04T05:32:15.727Z", "dateUpdated": "2024-08-01T20:33:53.031Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-06-04T05:32:15.727Z"}, "affected": [{"vendor": "g5theme", "product": "Essential Real Estate", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "4.4.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Essential Real Estate plugin for WordPress is vulnerable to unauthorized loss of data due to insufficient validation on the remove_property_attachment_ajax() function in all versions up to, and including, 4.4.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary attachments."}], "title": "Essential Real Estate <= 4.4.2 - Insecure Direct Object Reference to Arbitrary Attachment Deletion", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7dc41eb7-5c9a-4a67-902d-9a855840668b?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/essential-real-estate/trunk/public/partials/property/class-ere-property.php#L28"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-639 Authorization Bypass Through User-Controlled Key"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "baseScore": 4.3, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Lucio S\u00e1"}], "timeline": [{"time": "2024-06-03T16:39:54.000+00:00", "lang": "en", "value": "Disclosed"}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-4274", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-04T15:02:26.757138Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:53:25.043Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:33:53.031Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7dc41eb7-5c9a-4a67-902d-9a855840668b?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/essential-real-estate/trunk/public/partials/property/class-ere-property.php#L28", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7dc41eb7-5c9a-4a67-902d-9a855840668b?source=cve", "tags": ["x_transferred"]}, {"url": "https://plugins.trac.wordpress.org/browser/essential-real-estate/trunk/public/partials/property/class-ere-property.php#L28", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:33:53.031Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-4274", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-04T15:02:26.757138Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T15:02:34.445Z"}}], "cna": {"title": "Essential Real Estate <= 4.4.2 - Insecure Direct Object Reference to Arbitrary Attachment Deletion", "credits": [{"lang": "en", "type": "finder", "value": "Lucio S\u00e1"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}}], "affected": [{"vendor": "g5theme", "product": "Essential Real Estate", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "4.4.2"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2024-06-03T16:39:54.000+00:00", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7dc41eb7-5c9a-4a67-902d-9a855840668b?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/essential-real-estate/trunk/public/partials/property/class-ere-property.php#L28"}], "descriptions": [{"lang": "en", "value": "The Essential Real Estate plugin for WordPress is vulnerable to unauthorized loss of data due to insufficient validation on the remove_property_attachment_ajax() function in all versions up to, and including, 4.4.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary attachments."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-639 Authorization Bypass Through User-Controlled Key"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2024-06-04T05:32:15.727Z"}}}, "cveMetadata": {"cveId": "CVE-2024-4274", "state": "PUBLISHED", "dateUpdated": "2024-08-01T20:33:53.031Z", "dateReserved": "2024-04-26T19:48:45.348Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2024-06-04T05:32:15.727Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:g5plus:essential_real_estate:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "DCF80299-C7A3-4EE8-B014-4C5E160070B4", "versionEndExcluding": "4.4.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Essential Real Estate plugin for WordPress is vulnerable to unauthorized loss of data due to insufficient validation on the remove_property_attachment_ajax() function in all versions up to, and including, 4.4.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary attachments."}, {"lang": "es", "value": "El complemento Essential Real Estate para WordPress es vulnerable a la p\u00e9rdida no autorizada de datos debido a una validaci\u00f3n insuficiente de la funci\u00f3n remove_property_attachment_ajax() en todas las versiones hasta la 4.4.2 incluida. Esto hace posible que atacantes autenticados, con acceso de nivel de suscriptor y superior, eliminen archivos adjuntos arbitrarios."}], "id": "CVE-2024-4274", "lastModified": "2025-05-29T20:21:29.303", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2024-06-04T06:15:11.133", "references": [{"source": "security@wordfence.com", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/essential-real-estate/trunk/public/partials/property/class-ere-property.php#L28"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7dc41eb7-5c9a-4a67-902d-9a855840668b?source=cve"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/essential-real-estate/trunk/public/partials/property/class-ere-property.php#L28"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7dc41eb7-5c9a-4a67-902d-9a855840668b?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}