cleantalk
Vulnerabilities and Security Researches

Realty Portal – Agent, CVE-2025-6190

CVE, Research URL

CVE-2025-6190

Home page URL

Security reports for Realty Portal – Agent

Application

Realty Portal – Agent

Published on
Jul 23, 2025
Research Description
The Realty Portal – Agent plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization within the rp_user_profile() AJAX handler in versions 0.1.0 through 0.3.9. The handler reads the client-supplied meta key and value pairs from $_POST and passes them directly to update_user_meta() without restricting to a safe whitelist. This makes it possible for authenticated attackers, with Subscriber-level access and above, to overwrite the wp_capabilities meta and grant themselves the administrator role.
Affected versions
Min -, max 0.3.9.
Status
vulnerable
Previous vulnerability researches
Page Builder: Pagelayer – Drag and Drop website builder (CVE-2025-24573) , Jan 26, 2025
Page Builder: Pagelayer – Drag and Drop website builder (CVE-2025-1926) , Mar 10, 2025
Page Builder: Pagelayer – Drag and Drop website builder (CVE-2024-13427) , May 25, 2025
Page Builder: Pagelayer – Drag and Drop website builder (CVE-2025-4223) , May 25, 2025
Page Builder: Pagelayer – Drag and Drop website builder (CVE-2025-2104) , Mar 14, 2025
New vulnerability
Orion Login with SMS (CVE-2025-7692) , Jul 23, 2025
WordPress Infinite Scroll – Ajax Load More (CVE-2015-10140) , Jul 23, 2025
Social Streams (CVE-2025-7722) , Jul 23, 2025
Ebook Store (CVE-2025-7486) , Jul 23, 2025
Formality (CVE-2025-48157) , Jul 23, 2025