CVE-2025-54052
WordPress Realtyna Organic IDX plugin <= 5.0.0 - Local File Inclusion Vulnerability
CVSS Score
7.5
EPSS Score
0.0%
EPSS Percentile
0th
Cross-Site Request Forgery (CSRF) vulnerability in Realtyna Realtyna Organic IDX plugin real-estate-listing-realtyna-wpl allows PHP Local File Inclusion.This issue affects Realtyna Organic IDX plugin: from n/a through <= 5.0.0.
| CWE | CWE-352 |
| Vendor | realtyna |
| Product | realtyna organic idx plugin |
| Published | Aug 20, 2025 |
| Last Updated | Apr 28, 2026 |
Stay Ahead of the Next One
Get instant alerts for realtyna realtyna organic idx plugin
Be the first to know when new high vulnerabilities affecting realtyna realtyna organic idx plugin are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected Versions
Realtyna / Realtyna Organic IDX plugin
0 โค 5.0.0
References
Credits
LVT-tholv2k | Patchstack Bug Bounty Program