Unpatched Vulnerabilities Exist In RealHome Theme And Plugin

Latest Hacking News

WordPress admins maintaining real estate websites with RealHome Theme and plugin must secure their sites as several vulnerabilities exist in the theme. For now, the developers have not patched any reported vulnerabilities, exposing all the websites using the theme to security threats.

RealHome Theme And WordPress Plugin Vulnerabilities Await Patch

Researchers from Patchstack discovered numerous security vulnerabilities in RealHome Theme and its affiliated plugin, Easy Real Estate, which threaten many WordPress websites.

The researchers describe two vulnerabilities that put numerous websites at risk.

  • CVE-2024-32444 (critical severity; CVSS 9.8): A privilege escalation in the RealHome Theme. The code handling user input lacked a nonce check. In addition, the theme lacked authorization checks for users calling the inspiry_ajax_register action with a $user_role parameter, so any user could create new accounts with admin roles. This way, any unauthorized adversary could take over the target websites.
  • CVE-2024-32555 (critical severity; CVSS 9.8): Another privilege escalation, this one affecting the Easy Real Estate plugin. The vulnerability existed in the plugin's ere_social_register() function. The plugin lacked user authorization for the admin account email address, so any unauthenticated adversary could log in as the admin with just the email address, without knowing the password.

Patchstack researchers discovered these vulnerabilities in plugin version 4.3.3. Upon finding the vulnerabilities, the researchers promptly reported the matter to InspiryThemes, the developers. However, despite repeated updates, the developers had not patched the vulnerabilities at the time of writing this story.

Since the vulnerabilities have now been disclosed, users must remain careful about the security of their websites. The researchers advise users to disable the RealHome Theme and Easy Real Estate plugin until their patched versions arrive.

As mitigations, the researchers recommend strict whitelisting of user inputs passed to wp_set_auth_cookie(), wp_update_user(), update_user_meta(), and similar functions. They also advise admins to restrict user account creation on their sites to prevent malicious unauthorized accounts.
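The sketch below shows what that allowlisting can look like in a WordPress registration handler. It is an added example, not code from the RealHome Theme, the Easy Real Estate plugin, or Patchstack; the hook name, nonce action, request field names and the allowed-role policy are assumptions made for illustration.

```php
<?php
// Added example. All example_* names, the nonce action and the POST field
// names are hypothetical; only the WordPress core functions are real.

// Roles a self-registering visitor may ever receive (assumed site policy).
const EXAMPLE_ALLOWED_ROLES = array( 'subscriber' );

// Read one POST field as a string; arrays and missing keys become ''.
function example_post( $key ) {
    return ( isset( $_POST[ $key ] ) && is_string( $_POST[ $key ] ) ) ? wp_unslash( $_POST[ $key ] ) : '';
}

// Map a requested role onto the allowlist; anything else falls back to the
// lowest-privilege role instead of being passed through.
function example_safe_role( $requested ) {
    $requested = sanitize_key( $requested );
    return in_array( $requested, EXAMPLE_ALLOWED_ROLES, true ) ? $requested : 'subscriber';
}

function example_ajax_register() {
    // Reject requests without a valid nonce (dies with a 403 on failure).
    check_ajax_referer( 'example_register', 'nonce' );

    // Honour the site-wide "Anyone can register" setting.
    if ( ! get_option( 'users_can_register' ) ) {
        wp_send_json_error( 'Registration is disabled.', 403 );
    }

    $login = sanitize_user( example_post( 'username' ), true );
    $email = sanitize_email( example_post( 'email' ) );
    if ( '' === $login || ! is_email( $email ) || username_exists( $login ) || email_exists( $email ) ) {
        wp_send_json_error( 'Invalid or already used username or email.', 400 );
    }

    // Only named keys reach wp_insert_user(); the role is never taken verbatim.
    $user_id = wp_insert_user( array(
        'user_login' => $login,
        'user_email' => $email,
        'user_pass'  => wp_generate_password( 24 ),
        'role'       => example_safe_role( example_post( 'user_role' ) ),
    ) );
    if ( is_wp_error( $user_id ) ) {
        wp_send_json_error( 'Registration failed.', 400 );
    }

    // No wp_set_auth_cookie() here: the user sets a password through the emailed
    // link, which proves control of the address before any session exists.
    wp_new_user_notification( $user_id, null, 'both' );
    wp_send_json_success();
}
add_action( 'wp_ajax_nopriv_example_ajax_register', 'example_ajax_register' );
```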
