CVE-2025-39459

HIGH

Contempo Themes Real Estate <3.5.2 - Privilege Escalation

Title source: llm

Description

Incorrect Privilege Assignment vulnerability in contempoinc Real Estate 7 realestate-7 allows Privilege Escalation.This issue affects Real Estate 7: from n/a through <= 3.5.2.

Exploits (4)

nomisec

by qalesyaSN · poc

https://github.com/qalesyaSN/CVE-2025-39459

View Code ZIP pw:eip

nomisec SCANNER

by RootHarpy · poc

https://github.com/RootHarpy/CVE-2025-39459-Nuclei-Template

View Code ZIP pw:eip

nomisec WORKING POC

by Dit-Developers · poc

https://github.com/Dit-Developers/CVE-2025-39459

View Code ZIP pw:eip

nomisec WORKING POC

by Nxploited · poc

https://github.com/Nxploited/CVE-2025-39459

View Code ZIP pw:eip

References (2)

[Vdb Entry] https://patchstack.com/database/Wordpress/Theme/realestate-7/vulnerability/wordpress-real-estate-7-theme-3-5-2-privilege-escalation-vulnerability?_s_id=cve

[Third Party Advisory] https://patchstack.com/database/wordpress/theme/realestate-7/vulnerability/wordpress-real-estate-7-theme-3-5-2-privilege-escalation-vulnerability?_s_id=cve

Scores

CVSS v3 7.3

EPSS 0.0004

EPSS Percentile 12.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Details

CWE

CWE-266

Status published

Products (2)

contempoinc/Real Estate 7 < 3.5.2

Contempo Themes/Real Estate 7 < 3.5.2

Published May 19, 2025

Tracked Since Feb 18, 2026