CVE-2023-6140

8.8 HIGH

📋 TL;DR

The Essential Real Estate WordPress plugin before version 4.4.0 does not properly validate files submitted through its upload functionality, so a low-privileged authenticated user such as a subscriber can upload a PHP file disguised as a ZIP archive. Once the file is on the server, requesting it through the web server runs the attacker's code, giving remote code execution on the site. Any WordPress site running a vulnerable version of the plugin is affected; the attacker needs only a subscriber-level account, which is trivially obtained where registration is open.

💻 Affected Systems

Products:
  • Essential Real Estate WordPress plugin
Versions: All versions before 4.4.0
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires a WordPress installation with the Essential Real Estate plugin active and an account at subscriber level or above (subscriber is the lowest built-in WordPress role).

⚠️ Risk & Real-World Impact

🔴 Worst Case: Full server compromise. Remote code execution gives the attacker complete control over the WordPress site and, depending on the privileges of the PHP process, a foothold on the underlying server.

🟠 Likely Case: The attacker uploads a web shell, gains persistent access to the site, and uses it to deface content, steal data or install malware.

🟢 If Mitigated: The attack fails because uploads are validated by content rather than by name, PHP cannot execute from the uploads directory, or the attacker cannot obtain a subscriber-level account.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: No (a subscriber-level account is required)
Complexity: LOW

Exploitation requires an authenticated account at subscriber level or above. If the site allows open registration (Settings > General, 'Anyone can register'), an attacker can create such an account themselves, so open registration effectively makes this a pre-authentication issue.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.4.0

Advisory (WPScan): https://wpscan.com/vulnerability/c837eaf3-fafd-45a2-8f5e-03afb28a765b

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find the Essential Real Estate plugin and note its version.
4. Click 'Update Now' if an update is offered.
5. If no update appears, obtain version 4.4.0 or later from the vendor's distribution channel and install it manually (Plugins > Add New > Upload Plugin).

🔧 Temporary Workarounds

Disable plugin (all platforms)

Temporarily deactivate the Essential Real Estate plugin until it can be updated; its upload handler is not loaded while the plugin is inactive:

wp plugin deactivate essential-real-estate

Restrict user registration (all platforms)

Disable new user registration (Settings > General, untick 'Anyone can register') so an attacker cannot self-provision a subscriber account. This does not protect against accounts that already exist, so review those as well.

🧯 If You Can't Patch

  • Audit subscriber-level accounts and remove any that are not needed; subscriber is the lowest built-in role, and it is sufficient to exploit this issue
  • Implement web application firewall rules that inspect upload content, not just the file extension, for PHP code, since the malicious file is presented as a ZIP archive
  • Configure the web server to refuse to execute PHP files under wp-content/uploads, so an uploaded web shell cannot run even if the WAF misses it

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Installed Plugins for the Essential Real Estate version; any version below 4.4.0 is vulnerable

Check Version:

wp plugin get essential-real-estate --field=version

Verify Fix Applied:

Confirm that the plugin version shown in WordPress admin (or returned by the command above) is 4.4.0 or higher
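The check, mitigation and verification steps above, as a single POSIX shell helper. This is an added example, not part of the advisory or of the plugin vendor's tooling. It assumes WP-CLI (`wp`) is on PATH and the script is run from the WordPress root; the plugin slug `essential-real-estate` is the one the advisory's own commands use. The version comparison is done per dotted component in awk rather than as a string compare, so a hypothetical 4.10.0 is correctly treated as newer than 4.4.0. The `.htaccess` rule goes beyond the advisory: it is an Apache 2.4 hardening that stops PHP from executing under `wp-content/uploads` (nginx would need an equivalent `location` block instead).

```shell
#!/bin/sh
# Added example for CVE-2023-6140 triage. Assumes WP-CLI ("wp") on PATH and
# execution from the WordPress root. Set DRY_RUN=1 to print commands only.

FIXED_VERSION="4.4.0"
PLUGIN_SLUG="essential-real-estate"

# erep_version_lt A B: returns 0 when dotted version A is lower than B.
# Components are compared numerically; missing components count as 0.
erep_version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            xi = (i <= na) ? x[i] + 0 : 0
            yi = (i <= nb) ? y[i] + 0 : 0
            if (xi < yi) exit 0
            if (xi > yi) exit 1
        }
        exit 1   # equal is not lower
    }'
}

# Returns 0 when the given plugin version is affected (older than 4.4.0).
erep_version_vulnerable() {
    [ -n "$1" ] || return 2
    erep_version_lt "$1" "$FIXED_VERSION"
}

# Live check against the site: exits 0 if the installed version is affected.
erep_check_site() {
    v=$(wp plugin get "$PLUGIN_SLUG" --field=version 2>/dev/null) \
        || { echo "plugin $PLUGIN_SLUG not installed"; return 1; }
    if erep_version_vulnerable "$v"; then
        echo "VULNERABLE: $PLUGIN_SLUG $v < $FIXED_VERSION"; return 0
    fi
    echo "OK: $PLUGIN_SLUG $v"; return 1
}

# Apache 2.4 rule (assumption: Apache with .htaccess enabled) that denies
# direct requests for PHP-family files, i.e. no execution from uploads.
erep_uploads_deny_rule() {
    printf '%s\n' '<FilesMatch "\.(php[0-9]?|phtml|phar)$">' \
                  '    Require all denied' \
                  '</FilesMatch>'
}

# Advisory mitigations: deactivate the plugin, close registration, list the
# subscriber accounts for review, then drop the uploads deny rule in place.
erep_mitigate() {
    run() { echo "+ $*"; [ -n "${DRY_RUN:-}" ] || "$@"; }
    run wp plugin deactivate "$PLUGIN_SLUG"
    run wp option update users_can_register 0
    run wp user list --role=subscriber --fields=ID,user_login,user_registered
    echo "+ write wp-content/uploads/.htaccess"
    [ -n "${DRY_RUN:-}" ] || erep_uploads_deny_rule > wp-content/uploads/.htaccess
}

case "${1:-}" in
    check)    erep_check_site ;;
    mitigate) erep_mitigate ;;
esac
```

Run `sh erep.sh check` to test the installed version and `DRY_RUN=1 sh erep.sh mitigate` to preview the mitigation commands before applying them; the live mitigation writes the deny rule into `wp-content/uploads/.htaccess`, so back up any existing file there first.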

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads by subscriber-level users
  • Requests for .php files under wp-content/uploads (this directory should never serve PHP; a 200 response means the file was executed)
  • Multiple failed login attempts followed by successful subscriber login

Network Indicators:

  • HTTP POST requests to upload endpoints from unexpected sources
  • Unusual outbound connections from web server

SIEM Query:

The web server access log is the reliable source here, because the indicator is a PHP file being requested under the uploads path. A broad pattern such as ("upload" OR "subscriber") AND ("php" OR "zip") over application logs is far too noisy to action.

source="access.log" AND "/wp-content/uploads/" AND ".php"
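The log and network indicators above, turned into a small hunt over a combined-format web access log. This is an added example, not part of the advisory; the log lines are constructed (documentation IP ranges, not real traffic), and the field positions assumed are those of the Apache/Nginx combined format: client in field 1, quoted method in field 6, path in field 7, status in field 9. It flags every request for a PHP-family file under `wp-content/uploads` (a 200 means it executed; anything else is a probe or an already-removed file) and then correlates that with an earlier POST from the same client, which is where the upload itself would appear.

```shell
#!/bin/sh
# Added example: hunt for PHP requested from the uploads directory in a
# combined-format access log, and tie it back to the client's earlier POST.

# Prints "EXEC|PROBE client path status" for each hit. The query string is
# stripped before matching so that shell.php?cmd=id is still recognised.
erep_find_uploads_php() {
    awk '{
        p = $7; sub(/\?.*/, "", p)
        if (p ~ /^\/wp-content\/uploads\/.*\.(php[0-9]?|phtml|phar)$/) {
            label = ($9 == 200) ? "EXEC" : "PROBE"
            print label, $1, $7, $9
        }
    }'
}

# Prints each client (once) that issued a POST and afterwards fetched a
# PHP-family file under wp-content/uploads: upload followed by execution.
erep_suspect_clients() {
    awk '
        $6 == "\"POST" { posted[$1] = 1 }
        {
            p = $7; sub(/\?.*/, "", p)
            if (p ~ /^\/wp-content\/uploads\/.*\.(php[0-9]?|phtml|phar)$/ \
                && posted[$1] && !seen[$1]++) print $1
        }
    '
}

# Constructed sample log (not real traffic). 203.0.113.7 logs in, POSTs to
# admin-ajax.php (the upload), then runs shell.php from uploads; a later 404
# is a probe. 198.51.100.9 only fetches ordinary media and must not be flagged.
EREP_SAMPLE_LOG='203.0.113.7 - - [12/Dec/2023:10:01:02 +0000] "GET /wp-login.php HTTP/1.1" 200 4000 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Dec/2023:10:01:20 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 120 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Dec/2023:10:01:31 +0000] "GET /wp-content/uploads/2023/12/shell.php?cmd=id HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.9 - - [12/Dec/2023:10:02:00 +0000] "GET /wp-content/uploads/2023/12/listing.jpg HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
198.51.100.9 - - [12/Dec/2023:10:02:05 +0000] "GET /wp-content/uploads/2023/12/brochure.zip HTTP/1.1" 200 300000 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Dec/2023:10:03:10 +0000] "GET /wp-content/uploads/2023/12/shell.php HTTP/1.1" 404 200 "-" "Mozilla/5.0"'

case "${1:-}" in
    demo)
        printf '%s\n' "$EREP_SAMPLE_LOG" | erep_find_uploads_php
        echo "--- suspect clients ---"
        printf '%s\n' "$EREP_SAMPLE_LOG" | erep_suspect_clients ;;
esac
```

Against a real server, feed the live log instead of the sample: `erep_find_uploads_php < /var/log/nginx/access.log`. Any EXEC line is worth treating as a confirmed web shell until proven otherwise; a PROBE from a client that also has a POST in the log is the upload-then-execute sequence the advisory describes, even if the file has since been removed.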
