Platform: wordpress
Component: reveal-listing
Fixed in: 3.3.1
CVE-2025-6994 is a privilege escalation vulnerability affecting the Reveal Listing plugin for WordPress. This flaw allows unauthenticated attackers to elevate their privileges to administrator level by manipulating user registration parameters. The vulnerability impacts versions 0.0.0 through 3.3 of the plugin. A patch is expected from the vendor.
The impact of this vulnerability is severe. An unauthenticated attacker can exploit it to gain complete control over a WordPress site by creating a new user account and assigning themselves the administrator role. This grants them full access to all site data, including sensitive information like user credentials, financial data, and proprietary content. They can modify site configurations, install malicious plugins, and even deface the website. The potential for data breach and disruption is significant, particularly for sites relying on Reveal Listing for critical functionality.
This vulnerability has been publicly disclosed. The CVSS score of 9.8 indicates a critical severity. No known public proof-of-concept exploits have been released at the time of writing, but the ease of exploitation suggests a high probability of exploitation if left unpatched. It is not currently listed on CISA KEV.
Exploit Status
EPSS: 0.20% (42nd percentile)
The primary mitigation is to upgrade to a patched version of the Reveal Listing plugin as soon as it becomes available. Until a patch is released, consider disabling user registration on the WordPress site or implementing stricter role assignment controls. Implement a Web Application Firewall (WAF) rule to block requests containing the 'listinguserrole' parameter during user registration. Regularly review user accounts and roles to identify any unauthorized administrator accounts. Monitor WordPress logs for suspicious user creation attempts.
Update the Reveal Listing plugin to the latest available version to mitigate the privilege escalation vulnerability. Check for updates in the WordPress repository or on the developer's website. Additionally, review user permissions and role configurations to ensure that only authorized users have access to administrative functions.
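The following must-use plugin is an added hardening example, not code from Reveal Listing or its vendor. It implements the advisory's WAF suggestion inside WordPress and adds a second guard that demotes any account an untrusted request turns into an administrator. It assumes the plugin reads the role from the 'listinguserrole' request parameter during 'init' or later; the file name and the function name `roleguard_block_admin` are hypothetical.

```php
<?php
/**
 * Plugin Name: Registration role guard (added hardening example)
 * Description: Drops the 'listinguserrole' request parameter for requests that
 *   may not assign roles, and demotes any account an untrusted request pushes
 *   into the administrator role. Install as wp-content/mu-plugins/role-guard.php.
 */

defined( 'ABSPATH' ) || exit;

// Application-side version of the advisory's WAF rule. Assumption: Reveal
// Listing reads the role from the 'listinguserrole' request parameter on
// 'init' or later, as WordPress form handlers normally do.
add_action( 'init', function () {
	if ( current_user_can( 'promote_users' ) ) {
		return; // users who may legitimately assign roles keep normal behaviour
	}
	unset( $_POST['listinguserrole'], $_GET['listinguserrole'], $_REQUEST['listinguserrole'] );
}, 0 );

// Defence in depth: a request without 'promote_users' must never produce an
// administrator. Covers wp_insert_user( array( 'role' => ... ) ) as well as
// later $user->set_role() / $user->add_role() calls made by any plugin.
function roleguard_block_admin( $user_id, $role ) {
	if ( 'administrator' !== $role ) {
		return;
	}
	if ( ( defined( 'WP_CLI' ) && WP_CLI ) || current_user_can( 'promote_users' ) ) {
		return; // WP-CLI and privileged logged-in users are trusted
	}
	$user = get_userdata( $user_id );
	if ( ! $user ) {
		return;
	}
	// set_role() re-fires this hook with the default role, which is not
	// 'administrator', so the first check above ends the recursion.
	$user->set_role( get_option( 'default_role', 'subscriber' ) );
	error_log( sprintf(
		'[roleguard] blocked administrator role for user %d (%s) from %s',
		$user_id,
		$user->user_login,
		isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'unknown'
	) );
}
add_action( 'set_user_role', 'roleguard_block_admin', 10, 2 );
add_action( 'add_user_role', 'roleguard_block_admin', 10, 2 );
```

The `[roleguard]` lines in the PHP error log give the "suspicious user creation attempts" signal the advisory asks you to monitor; review them alongside the periodic check of administrator accounts.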
CVE-2025-6994 is a critical vulnerability in the Reveal Listing WordPress plugin allowing unauthenticated attackers to gain administrator privileges by manipulating user registration parameters.
If you are using the Reveal Listing plugin, versions 0.0.0 through 3.3, on your WordPress site, you are potentially affected by this vulnerability.
Upgrade to a patched version of the Reveal Listing plugin as soon as it becomes available. Until then, disable user registration or implement stricter role assignment controls.
While no public exploits are currently known, the ease of exploitation suggests a high probability of exploitation if left unpatched.
Check the smartdatasoft website and WordPress plugin directory for updates and advisories related to CVE-2025-6994.