CVE-2025-6758

Description

The Real Spaces - WordPress Properties Directory Theme theme for WordPress is vulnerable to privilege escalation via the imic_agent_register function in all versions up to, and including, 3.6. This is due to a lack of restriction in the registration role. This makes it possible for unauthenticated attackers to arbitrarily choose their role, including the Administrator role, during user registration.