{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-8218", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-07-25T23:50:32.495Z", "datePublished": "2025-08-19T06:45:26.792Z", "dateUpdated": "2026-04-08T16:44:02.681Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:44:02.681Z"}, "affected": [{"vendor": "imithemes", "product": "Real Spaces - WordPress Properties Directory Theme", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.5", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Real Spaces - WordPress Properties Directory Theme theme for WordPress is vulnerable to privilege escalation via the 'change_role_member' parameter in all versions up to, and including, 3.5. This is due to a lack of restriction in the profile update role. This makes it possible for unauthenticated attackers to arbitrarily choose their role, including the Administrator role, during a profile update."}], "title": "Real Spaces - WordPress Properties Directory Theme <= 3.5 - Authenticated (Subscriber+) Privilege Escalation to Administrator via 'change_role_member'", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2d07880b-9af1-4b1e-aa70-b95ef10a6e33?source=cve"}, {"url": "https://themeforest.net/item/real-spaces-wordpress-real-estate-theme/8219779"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-269 Improper Privilege Management", "cweId": "CWE-269", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "Alyudin Nafiie"}], "timeline": [{"time": "2025-07-30T21:58:57.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-08-18T00:00:00.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-19T13:22:37.008642Z", "id": "CVE-2025-8218", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-19T13:23:30.150Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-8218", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-08-19T13:22:37.008642Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-19T13:23:24.505Z"}}], "cna": {"title": "Real Spaces - WordPress Properties Directory Theme <= 3.5 - Authenticated (Subscriber+) Privilege Escalation to Administrator via 'change_role_member'", "credits": [{"lang": "en", "type": "finder", "value": "Alyudin Nafiie"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "imithemes", "product": "Real Spaces - WordPress Properties Directory Theme", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "3.5"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-07-30T21:58:57.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-08-18T00:00:00.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2d07880b-9af1-4b1e-aa70-b95ef10a6e33?source=cve"}, {"url": "https://themeforest.net/item/real-spaces-wordpress-real-estate-theme/8219779"}], "descriptions": [{"lang": "en", "value": "The Real Spaces - WordPress Properties Directory Theme theme for WordPress is vulnerable to privilege escalation via the 'change_role_member' parameter in all versions up to, and including, 3.5. This is due to a lack of restriction in the profile update role. This makes it possible for unauthenticated attackers to arbitrarily choose their role, including the Administrator role, during a profile update."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:44:02.681Z"}}}, "cveMetadata": {"cveId": "CVE-2025-8218", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:44:02.681Z", "dateReserved": "2025-07-25T23:50:32.495Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-08-19T06:45:26.792Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Real Spaces - WordPress Properties Directory Theme theme for WordPress is vulnerable to privilege escalation via the 'change_role_member' parameter in all versions up to, and including, 3.5. This is due to a lack of restriction in the profile update role. This makes it possible for unauthenticated attackers to arbitrarily choose their role, including the Administrator role, during a profile update."}, {"lang": "es", "value": "El tema Real Spaces - WordPress Properties Directory Theme para WordPress es vulnerable a la escalada de privilegios mediante el par\u00e1metro 'change_role_member' en todas las versiones hasta la 3.5 incluida. Esto se debe a la falta de restricciones en el rol de actualizaci\u00f3n de perfil. Esto permite que atacantes no autenticados elijan arbitrariamente su rol, incluido el de Administrador, durante una actualizaci\u00f3n de perfil."}], "id": "CVE-2025-8218", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-08-19T07:15:30.980", "references": [{"source": "security@wordfence.com", "url": "https://themeforest.net/item/real-spaces-wordpress-real-estate-theme/8219779"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2d07880b-9af1-4b1e-aa70-b95ef10a6e33?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T14:27:09.978079+00:00", "value": {"mitigation_remediation": ["Upgrade the Real Spaces theme to version 3.6 or later to remove the vulnerable parameter handling.", "If an upgrade is temporarily infeasible, remove or disable the 'change_role_member' parameter within the theme code or by using a custom plugin that filters out the request variable.", "After the change, audit existing user accounts for suspicious Administrator privileges and reset any that should not have that level of access."], "summary": {"action": "Apply Patch", "impact": "Privilege Escalation to Administrator"}, "threat_synthesis": {"affected_systems": "The vulnerability exists in all releases of the Real Spaces WordPress Properties Directory Theme up to and including version 3.5. The theme is distributed by imithemes and is installed as a WordPress plugin or theme package under the path Real Spaces. Any WordPress deployment that uses these versions is potentially affected.", "description_and_impact": "The Real Spaces WordPress Properties Directory Theme enables a user to change their role via the 'change_role_member' parameter, but the theme lacks any restriction on role assignment. As a result, an attacker who can trigger a profile update can set the role to Administrator, effectively bypassing all security controls and gaining full control over the site. This is a classic privilege escalation flaw, classified as CWE\u2011269.", "risk_and_exploitability": "The CVSS score of 8.8 reflects a high severity exploitation risk, while the EPSS score of less than 1% indicates that commercial exploit tools are currently not widely spread. The flaw does not appear in CISA\u2019s KEV catalog. Attackers can exploit the issue without prior authentication, simply by sending a crafted request that includes the 'change_role_member' parameter. Once the role is escalated to Administrator, the attacker can modify site content, install additional malicious plugins, and manipulate sensitive data. Given the low EPSS but high CVSS, precautionary patching is strongly recommended."}}}}, "created": "2026-04-22T14:30:18.961745+00:00", "updated": "2026-04-22T14:30:18.961760+00:00", "vendors": []}