Approved changes feed: RSS · Atom

cpe:2.3:a:chimpstudio:wp_real_estate_manager:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorChimpstudio (c3314495-e456-52cc-9712-bd8543d1a332)
ProductWp Real Estate Manager (7cc45db5-9a27-588c-9ce3-5c3642081732)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-1515 vulnerable 2026-06-08 07:08:37.161864 WP Real Estate Manager <= 2.8 - Authentication Bypass via Account Takeover
CRITICAL (9.8)
The WP Real Estate Manager plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.8. This is due to insufficient identity verification on the LinkedIn login request process. This makes it possible for unauthenticated attackers to bypass official authentication and log in as any user on the site, including administrators.
Published: 2025-03-05T09:21:47.916Z
Updated: 2026-04-08T17:04:30.392Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.