CVE-2025-4601

{"id": "CVE-2025-4601", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "security@wordfence.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2025-06-10T04:15:49.113", "references": [{"url": "https://themeforest.net/item/real-homes-wordpress-real-estate-theme/5373914", "source": "security@wordfence.com"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a816e5a8-2494-4bcf-869d-5214b21f7791?source=cve", "source": "security@wordfence.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security@wordfence.com", "description": [{"lang": "en", "value": "CWE-269"}]}], "descriptions": [{"lang": "en", "value": "The \"RH - Real Estate WordPress Theme\" theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 4.4.0. This is due to the theme not properly restricting user roles that can be updated as part of the inspiry_update_profile() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to set their role to that of an administrator. The vulnerability was partially patched in version 4.4.0, and fully patched in version 4.4.1."}, {"lang": "es", "value": "El tema \"RH - Tema WordPress para Bienes Ra\u00edces\" para WordPress es vulnerable a la escalada de privilegios en todas las versiones hasta la 4.4.0 incluida. Esto se debe a que el tema no restringe correctamente los roles de usuario que se pueden actualizar mediante la funci\u00f3n inspiry_update_profile(). Esto permite que atacantes autenticados, con acceso de suscriptor o superior, configuren su rol como administrador. La vulnerabilidad se corrigi\u00f3 parcialmente en la versi\u00f3n 4.4.0 y completamente en la 4.4.1."}], "lastModified": "2025-06-12T16:06:39.330", "sourceIdentifier": "security@wordfence.com"}