CVE-2025-2232 – Realteo – Real Estate Plugin by Purethemes WordPress Authentication Bypass Vulnerability

March 14, 2025
1:16 pm

CVE ID : CVE-2025-2232

Published : March 14, 2025, 12:15 p.m. | 42 minutes ago

Description : The Realteo – Real Estate Plugin by Purethemes plugin for WordPress, used by the Findeo Theme, is vulnerable to authentication bypass in all versions up to, and including, 1.2.8. This is due to insufficient role restrictions in the ‘do_register_user’ function. This makes it possible for unauthenticated attackers to register an account with the Administrator role.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-2232 – Realteo – Real Estate Plugin by Purethemes WordPress Authentication Bypass Vulnerability

Elvescore.io

Recent Posts

CVE-2024-12810 – The JobCareer | Job Board Responsive WordPress Theme Unauthenticated Remote Code Execution and Data Manipulation

CVE-2024-13771 – Civi WordPress Theme Unauthenticated Password Change Bypass

CVE-2024-13772 – Civi Job Board & Freelance Marketplace WordPress Theme Plugin Authentication Bypass

CVE-2024-13773 – Civi WordPress Theme Exposed Credentials