Test ID: 1.3.6.1.4.1.25623.1.0.171110
Category: Privilege escalation
Title: WordPress InspiryThemes RealHomes Theme Multiple Privilege Escalation Vulnerabilities (Jan 2025)
Summary: The WordPress theme RealHomes by InspiryThemes is prone to multiple privilege escalation vulnerabilities.
Description:
Summary:
The WordPress theme RealHomes by InspiryThemes is prone to
multiple privilege escalation vulnerabilities.

Vulnerability Insight:
The following vulnerabilities exist:

- CVE-2024-32444: This vulnerability occurs because the code that handles user input doesn't have
any authorization or nonce check. If registration is enabled in the settings, any attacker can
take over the website. The theme also doesn't check whether a user calling the
inspiry_ajax_register action with a $user_role parameter has permission to create
Administrator role accounts, allowing anyone to generate one.

- CVE-2024-32555: Unauthenticated privilege escalation via the social login.

Vulnerability Impact:
These vulnerabilities allow any unauthenticated user to increase
their privileges and take over the WordPress site by performing a series of HTTP requests.

Affected Software/OS:
All versions of WordPress theme RealHomes by InspiryThemes.

Solution:
No known solution is available as of 06th February, 2025.
Information regarding this issue will be updated once solution details are available.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross Reference:
Common Vulnerability Exposure (CVE) ID: CVE-2024-32444
Common Vulnerability Exposure (CVE) ID: CVE-2024-32555

Copyright: Copyright (C) 2025 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.