3 matches found
CVE-2025-6190
creationtimestamp| type| source ---|---|--- 2025-07-23 06:53:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lumgpfya2f2w...
CVE-2025-6190 Realty Portal – Agent <= 0.3.9 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via rp_user_profile() Function
The Realty Portal – Agent plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization within the rpuserprofile AJAX handler in versions 0.1.0 through 0.3.9. The handler reads the client-supplied meta key and value pairs from $POST and passes them directly to...
WordPress Realty Portal – Agent plugin <= 0.3.9 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via rp_user_profile() Function vulnerability
Missing Authorization to Authenticated Subscriber+ Privilege Escalation via rpuserprofile Function vulnerability discovered by theviper17y in WordPress Plugin Realty Portal – Agent versions = 0.3.9...