Reveal Listing

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

The Reveal Listing plugin by smartdatasoft for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.3. This is due to the plugin allowing users who are registering new accounts to set their own role or by supplying 'listing_user_role' field. This makes it possible for unauthenticated attackers to gain elevated privileges by creating an account with the administrator role.

Basic Information

ID CVE-2025-6994

Source Wordfence

Published Aug 6, 2025 at 03:41

Modified Aug 6, 2025 at 19:29

Affected Product

Vendor SmartDataSoft

Product Reveal Listing

Version *

Affected Versions SmartDataSoft Reveal Listing *

CWE Classification

CWE-269

References

{
    "lastseen": "",
    "description": "The Reveal Listing plugin by smartdatasoft for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.3. This is due to the plugin allowing users who are registering new accounts to set their own role or by supplying 'listing_user_role' field. This makes it possible for unauthenticated attackers to gain elevated privileges by creating an account with the administrator role.",
    "published": "2025-08-06T03:41:01.031Z",
    "modified": "2025-08-06T19:29:22.342Z",
    "type": "cve",
    "title": "Reveal Listing <= 3.3 - Unauthenticated Privilege Escalation",
    "source": "Wordfence",
    "references": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cd00d716-535c-41eb-a766-82079e0060e6?source=cve\nhttps://themeforest.net/item/reveal-directory-listing-wordpress-theme/27704330",
    "id": "CVE-2025-6994",
    "bulletinFamily": "",
    "cwe": [
        "CWE-269"
    ],
    "cvelist": null,
    "sourceData": "SmartDataSoft Reveal Listing *",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Reveal Listing",
    "version": "*",
    "vendor": "SmartDataSoft",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Reveal Listing <= 3.3 - Unauthenticated Privilege Escalation_CVE-2025-6994