CVE-2025-4601

RH - Real Estate WordPress Theme <= 4.4.0 - Authenticated (Subscriber+) Privilege Escalation

Assigner: Wordfence
Reserved: 12.05.2025 Published: 10.06.2025 Updated: 10.06.2025

The "RH - Real Estate WordPress Theme" theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 4.4.0. This is due to the theme not properly restricting user roles that can be updated as part of the inspiry_update_profile() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to set their role to that of an administrator. The vulnerability was partially patched in version 4.4.0, and fully patched in version 4.4.1.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS Score: 8.8

Attack Vector	Network	Scope	Unchanged
Attack Complexity	Low	Confidentiality Impact	High
Privileges Required	Low	Integrity Impact	High
User Interaction	None	Availability Impact	High

CVSS 3.1

Product Status

Vendor	InspiryThemes
Product	RH - Real Estate WordPress Theme
Versions	Default: unaffected affected from * to 4.4.0 (incl.)

Vendor

InspiryThemes

Product

RH - Real Estate WordPress Theme

Versions

Default: unaffected

affected from * to 4.4.0 (incl.)

Credits

Thái An finder

References

Problem Types