CVE 6.5 MEDIUM

WordPress Essential Real Estate plugin <= 5.2.2 - Insecure Direct Object References (IDOR) vulnerability_CVE-2025-68071

December 16, 2025 invoker category_cve
6.5 / 10
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Description

Authorization Bypass Through User-Controlled Key vulnerability in g5theme Essential Real Estate essential-real-estate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Real Estate: from n/a through <= 5.2.2.

Basic Information

ID CVE-2025-68071
Source Patchstack
Published Dec 16, 2025 at 08:13
Modified Dec 16, 2025 at 15:26

Affected Product

Vendor g5theme
Product Essential Real Estate
Version n/a
Affected Versions g5theme Essential Real Estate n/a

CWE Classification

CWE-639

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.