4 matches found
CVE-2025-6758
The Real Spaces - WordPress Properties Directory Theme theme for WordPress is vulnerable to privilege escalation via the 'imicagentregister' function in all versions up to, and including, 3.6. This is due to a lack of restriction in the registration role. This makes it possible for unauthenticate...
CVE-2025-6758
The CVE covers the Real Spaces – WordPress Properties Directory Theme for WordPress, vulnerable to unauthenticated privilege escalation via the imic_agent_register function in all versions up to 3.6. The flaw stems from insufficient restrictions on the registration role, allowing an attacker to s...
CVE-2025-8218
The CVE (CVE-2025-8218) concerns Real Spaces – WordPress Properties Directory Theme. The vulnerability is a privilege-escalation flaw in the change_role_member parameter that fails to restrict the profile update role, allowing unauthenticated or subscriber-level actors to elevate to Administrator...
PT-2025-33709
Name of the Vulnerable Software and Affected Versions: Real Spaces - WordPress Properties Directory Theme versions prior to 3.7 Description: The Real Spaces - WordPress Properties Directory Theme for WordPress is susceptible to privilege escalation through the imic agent register function. This...