WordPress users beware – these popular theme plugins have some major security issues
Posted by:
John Harrison
Security researchers at Patchstack have uncovered critical vulnerabilities in a popular WordPress theme and plugin developed by InspiryThemes. The affected products, RealHomes and Easy Real Estate, have been identified as carrying flaws that could allow cyber attackers to escalate their privileges to admin level on a WordPress site. Tracked as CVE-2024-32444 and CVE-2024-32555 with severity scores of 9.8/10, these vulnerabilities can grant unauthorized access to control the site, manipulate content, and extract sensitive data. Despite efforts by Patchstack to notify InspiryThemes about the issues, the company has not responded or released patches in their recent updates. To safeguard websites, admins are advised to deactivate these products immediately, as the risks associated with the vulnerabilities remain high. It is recommended to limit new account creation as an additional security measure to prevent exploitation of these flaws. The disclosure of such vulnerabilities can attract malicious actors to target vulnerable sites, highlighting the ongoing threats faced by WordPress users.
Recent Posts1
Top 5 ways you can use Google Gemini to be more creative
February 6, 2025
