Browse all 7 CVE security advisories affecting InspiryThemes. AI-powered Chinese analysis, POCs, and references for each vulnerability.
InspiryThemes develops WordPress themes and plugins for website creation, with seven CVEs recorded to date. Historically, their products have frequently contained stored cross-site scripting (XSS) vulnerabilities, remote code execution (RCE) flaws, and privilege escalation issues, often stemming from insufficient input validation and improper access controls. Security researchers have identified multiple instances where authenticated users could execute unauthorized actions or inject malicious code. While no major public breaches have been widely reported, the consistent pattern of vulnerabilities across their portfolio suggests ongoing challenges in secure coding practices, requiring users to maintain vigilant patch management to mitigate potential exploitation risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-67968 | WordPress Real Homes CRM plugin <= 1.0.0 - Arbitrary File Upload vulnerability — Real Homes CRMCWE-434 | 9.9 | Critical | 2026-01-22 |
| CVE-2024-32444 | WordPress RealHomes theme <= 4.3.6 - Privilege Escalation vulnerability — RealHomesCWE-266 | 9.8 | Critical | 2025-09-03 |
| CVE-2025-49867 | WordPress RealHomes theme <= 4.4.0 - Privilege Escalation vulnerability — RealHomesCWE-266 | 9.8 | Critical | 2025-07-04 |
| CVE-2025-4601 | RH - Real Estate WordPress Theme <= 4.4.0 - Authenticated (Subscriber+) Privilege Escalation — RH - Real Estate WordPress ThemeCWE-269 | 8.8 | High | 2025-06-10 |
| CVE-2024-32555 | WordPress Easy Real Estate plugin <= 2.2.6 - Privilege Escalation vulnerability — Easy Real EstateCWE-266 | 9.8 | Critical | 2025-01-21 |
| CVE-2023-37885 | WordPress RealHomes theme <= 4.0.2 - Broken Access Control vulnerability — RealHomesCWE-862 | 4.3 | Medium | 2024-03-25 |
| CVE-2023-37886 | WordPress RealHomes theme <= 4.0.2 - Broken Access Control vulnerability — RealHomesCWE-862 | 5.4 | Medium | 2024-03-25 |
This page lists every published CVE security advisory associated with InspiryThemes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.