VYPR

Resido Real Estate Wordpress Theme

by WordPress

CVEs (4)

  • CVE-2025-4601HigJun 10, 2025
    risk 0.58cvss 8.8epss 0.04

    The "RH - Real Estate WordPress Theme" theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 4.4.0. This is due to the theme not properly restricting user roles that can be updated as part of the inspiry_update_profile() function. This…

  • CVE-2025-7718HigSep 10, 2025
    risk 0.57cvss 8.8epss 0.00

    The Resideo Plugin for Resideo - Real Estate WordPress Theme plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.5.4. This is due to the plugin not properly validating a user's identity prior to updating their…

  • CVE-2024-13307MedApr 24, 2025
    risk 0.34cvss 5.3epss 0.00

    The Reales WP - Real Estate WordPress Theme theme for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'reales_delete_file', 'reales_delete_file_plans', 'reales_add_to_favourites', and 'reales_remove_from_favourites'…

  • CVE-2025-1285MedMar 14, 2025
    risk 0.34cvss 5.3epss 0.00

    The Resido - Real Estate WordPress Theme theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the delete_api_key and save_api_key AJAX actions in all versions up to, and including, 3.6. This makes it possible for unauthenticated attackers…