Test Kennung:	1.3.6.1.4.1.25623.1.0.171110
Kategorie:	Privilege escalation
Titel:	WordPress InspiryThemes RealHomes Theme Multiple Privilege Escalation Vulnerabilities (Jan 2025)
Zusammenfassung:	The WordPress theme RealHomes by InspiryThemes is prone to; multiple privilege escalation vulnerabilities.
Beschreibung:	Summary: The WordPress theme RealHomes by InspiryThemes is prone to multiple privilege escalation vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2024-32444: This vulnerability occurs because the code that handles user input doesn't have any authorization or nonce check. If registration is enabled on the settingd any attacker can takeover the website. The theme also doesn't check if the user is calling the inspiry_ajax_register action with a $user_role parameter and has permission to create Administrator role accounts, allowing anyone to generate one. - CVE-2024-32555: Unauthenticated privilege escalation via the social login. Vulnerability Impact: These vulnerabilities allow any unauthenticated user to increase their privileges and take over the WordPress site by performing a series of HTTP requests. Affected Software/OS: All versions of WordPress theme RealHomes by InspiryThemes. Solution: No known solution is available as of 06th February, 2025. Information regarding this issue will be updated once solution details are available. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2024-32444 Common Vulnerability Exposure (CVE) ID: CVE-2024-32555
Copyright	Copyright (C) 2025 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.