CVE-2025-2232 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

The Realteo - Real Estate Plugin by Purethemes plugin for WordPress, used by the Findeo Theme, is vulnerable to authentication bypass in all versions up to, and…
Critical CVSS: 9.8

CVE-2025-2232

The Realteo - Real Estate Plugin by Purethemes plugin for WordPress, used by the Findeo Theme, is vulnerable to authentication bypass in all versions up to, and including, 1.2.8. This is due to insufficient role restrictions in the 'do_register_user' function. This makes it possible for unauthenticated attackers to register an account with the Administrator role.
Vendor
Purethemes
Product
Realteo
CWE
CWE-269
Yayın Tarihi
2025-03-14 12:15:14
Güncelleme
2025-03-25 20:13:28
Source Identifier
security@wordfence.com
KEV Date Added
-

Kategoriler

CWE-269 Realteo CRITICAL Purethemes 2025

Referanslar

https://docs.purethemes.net/findeo/knowledge-base/changelog-findeo/ https://www.wordfence.com/threat-intel/vulnerabilities/id/abe73ecd-1325-4d6d-8545-d27f6116ca43?source=cve