CVE-2025-11985P2HIGHCVSS 8.8≥ 0.1, ≤ 0.4.12025-11-21
CVE-2025-11985 [HIGH] CWE-862 CVE-2025-11985: The Realty Portal plugin for WordPress is vulnerable to unauthorized modification of data that can l
The Realty Portal plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'rp_save_property_settings' function in versions 0.1 to 0.4.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options o
nvd