CVEs-PoC/2025/CVE-2025-6934.md at 4e4e30233e70832d643d5c6ab6fbfa6f130b4bb1

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-30 00:49:28 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

The Opal Estate Pro – Property Management and Submission plugin for WordPress, used by the FullHouse - Real Estate Responsive WordPress Theme, is vulnerable to privilege escalation via in all versions up to, and including, 1.7.5. This is due to a lack of role restriction during registration in the 'on_regiser_user' function. This makes it possible for unauthenticated attackers to arbitrarily choose the role, including the Administrator role, assigned when registering.

POC

Reference

https://themeforest.net/item/fullhouse-real-estate-responsive-wordpress-theme/16179481

Github

https://github.com/0xgh057r3c0n/CVE-2025-6934
https://github.com/ARPSyndicate/cve-scores
https://github.com/MrjHaxcore/CVE-2025-6934
https://github.com/Nxploited/CVE-2025-6934
https://github.com/PuddinCat/GithubRepoSpider
https://github.com/Pwdnx1337/CVE-2025-6934
https://github.com/Rosemary1337/CVE-2025-6934
https://github.com/nomi-sec/PoC-in-GitHub
https://github.com/plzheheplztrying/cve_monitor
https://github.com/yukinime/CVE-2025-6934

1.5 KiB Raw Blame History Unescape Escape

CVE-2025-6934

Description

POC

Reference

Github

1.5 KiB

Raw Blame History