CVE-2025-39459

HIGH

Contempo Themes Real Estate <3.5.2 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 4 public exploits for CVE-2025-39459. PoCs published by qalesyaSN, RootHarpy, Dit-Developers.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2025-39459, targeting a WordPress vulnerability that allows unauthorized user registration with administrator privileges. The exploit automates the process of creating admin accounts by leveraging a flawed registration mechanism in the target software.

Description

Incorrect Privilege Assignment vulnerability in contempoinc Real Estate 7 realestate-7 allows Privilege Escalation.This issue affects Real Estate 7: from n/a through <= 3.5.2.

Exploits (4)

nomisec WORKING POC

by qalesyaSN · poc

https://github.com/qalesyaSN/CVE-2025-39459

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2025-39459, targeting a WordPress vulnerability that allows unauthorized user registration with administrator privileges. The exploit automates the process of creating admin accounts by leveraging a flawed registration mechanism in the target software.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: WordPress (specific plugin/theme not explicitly stated, but likely a custom registration form)

No auth needed

Prerequisites: Target URL with vulnerable WordPress installation · Network access to the target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1078 - Valid Accounts

devstral-2 · analyzed Apr 09, 2026 Full analysis →

nomisec SCANNER

by RootHarpy · poc

https://github.com/RootHarpy/CVE-2025-39459-Nuclei-Template

View Code ZIP pw:eip

This repository contains a Nuclei template designed to detect an unauthenticated privilege escalation vulnerability (CVE-2025-39459) in the Real Estate 7 WordPress Theme. The template automates the process of extracting a nonce and sending a crafted request to exploit the vulnerability, checking for successful administrator registration.

Classification

Scanner 100%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Real Estate 7 WordPress Theme <= 3.5.2

No auth needed

Prerequisites: Access to the target WordPress site · Nuclei installed

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1078 - Valid Accounts

devstral-2 · analyzed Mar 03, 2026 Full analysis →

nomisec WORKING POC

by Dit-Developers · poc

https://github.com/Dit-Developers/CVE-2025-39459

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2025-39459, targeting a WordPress registration vulnerability that allows unauthenticated user creation with administrator privileges. The exploit automates the process of extracting a nonce, crafting a malicious registration request, and verifying success.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: WordPress (specific plugin/theme not explicitly named, but likely a custom registration handler)

No auth needed

Prerequisites: Target URL with vulnerable WordPress installation · Access to /wp-admin/admin-ajax.php and registration page

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1078 - Valid Accounts

devstral-2 · analyzed Feb 28, 2026 Full analysis →

nomisec WORKING POC

by Nxploited · poc

https://github.com/Nxploited/CVE-2025-39459

View Code ZIP pw:eip

The repository contains a functional Python exploit for CVE-2025-39459, targeting a WordPress registration vulnerability to create an administrator account. The exploit automates the process of extracting a nonce, crafting a malicious registration request, and verifying success.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: WordPress (specific plugin not explicitly named, but likely a custom registration plugin)

No auth needed

Prerequisites: Target URL with vulnerable WordPress installation · Access to the registration page · Network connectivity to the target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1078 - Valid Accounts

devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (2)

Core 2

Core References

Vdb Entry vdb-entry

https://patchstack.com/database/Wordpress/Theme/realestate-7/vulnerability/wordpress-real-estate-7-theme-3-5-2-privilege-escalation-vulnerability?_s_id=cve

Third Party Advisory

https://patchstack.com/database/wordpress/theme/realestate-7/vulnerability/wordpress-real-estate-7-theme-3-5-2-privilege-escalation-vulnerability?_s_id=cve

Scores

CVSS v3 7.3

EPSS 0.0034

EPSS Percentile 25.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-266

Status published

Products (2)

Contempo Themes/Real Estate 7 < 3.5.2

contempoinc/Real Estate 7 < 3.5.2

Published May 19, 2025

Tracked Since Feb 18, 2026