CVE-2025-6758

CRITICAL

Imithemes Real Spaces - WordPress Properties Directory Theme <= 3.6 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2025-6758. PoCs published by adminlove520, Boshe99, Nxploited.

AI-analyzed exploit summary The repository contains functional exploit code for multiple CVEs, including authentication bypass vulnerabilities in TOTOLINK devices and a scanner for Fortinet SSL VPN (CVE-2024-21762). The PoCs demonstrate the vulnerabilities with clear technical details and executable scripts.

Description

The Real Spaces - WordPress Properties Directory Theme theme for WordPress is vulnerable to privilege escalation via the 'imic_agent_register' function in all versions up to, and including, 3.6. This is due to a lack of restriction in the registration role. This makes it possible for unauthenticated attackers to arbitrarily choose their role, including the Administrator role, during user registration.

Exploits (3)

github WORKING POC 2 stars

by adminlove520 · pythonpoc

https://github.com/adminlove520/CVE-Poc_All_in_One/tree/main/2025/CVE-2025-6758

View Code ZIP pw:eip

The repository contains functional exploit code for multiple CVEs, including authentication bypass vulnerabilities in TOTOLINK devices and a scanner for Fortinet SSL VPN (CVE-2024-21762). The PoCs demonstrate the vulnerabilities with clear technical details and executable scripts.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: TOTOLINK LR350, TOTOLINK T6, Fortinet SSL VPN

No auth needed

Prerequisites: network access to the target device

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1078 - Valid Accounts

devstral-2 · analyzed Feb 27, 2026 Full analysis →

github WORKING POC

by Boshe99 · pythonpoc

https://github.com/Boshe99/CVE-Exploits/tree/main/CVE-2025-6758

View Code ZIP pw:eip

The repository contains functional exploit code for CVE-2025-6758, targeting a WordPress plugin (3DPrint Lite 1.9.1.4) with an arbitrary file upload vulnerability. The Python script demonstrates the ability to upload a malicious file to a vulnerable target.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: WordPress Plugin 3DPrint Lite 1.9.1.4

No auth needed

Prerequisites: target URL · malicious file to upload

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 27, 2026 Full analysis →

github WORKING POC

by Nxploited · pythonpoc

https://github.com/Nxploited/CVE-2025-6758

View Code ZIP pw:eip

This repository contains a functional Python exploit for CVE-2025-6758, targeting a WordPress registration vulnerability. The script automates nonce extraction, payload construction, and user registration with elevated privileges.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: WordPress (specific version not specified)

No auth needed

Prerequisites: Access to WordPress registration page · AJAX endpoint availability

MITRE ATT&CK

T1110.001 - Password Guessing T1078 - Valid Accounts

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2

Core References

Various Sources

https://themeforest.net/item/real-spaces-wordpress-real-estate-theme/8219779

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/e2b24858-dfcd-46f3-9552-c7acc63a1ee7?source=cve

Scores

CVSS v3 9.8

EPSS 0.0035

EPSS Percentile 26.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-269

Status published

Products (1)

imithemes/Real Spaces - WordPress Properties Directory Theme < 3.6

Published Aug 19, 2025

Tracked Since Feb 18, 2026