CVE-2024-13421

9.8 CRITICAL

📋 TL;DR

This vulnerability in the Real Estate 7 WordPress theme allows unauthenticated attackers to register new administrative user accounts due to improper role restrictions during registration. All WordPress sites using this theme up to version 3.5.1 are affected, potentially giving attackers full control over vulnerable websites.

💻 Affected Systems

Products:
  • Real Estate 7 WordPress Theme
Versions: All versions up to and including 3.5.1
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress user registration to be enabled, but this is a common configuration for many sites.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete site takeover with administrative privileges, allowing data theft, defacement, malware injection, and backdoor persistence.

🟠 Likely Case

Attackers create admin accounts to install backdoors, steal sensitive data, or use the site for malicious activities like phishing or spam.

🟢 If Mitigated

With proper monitoring and authentication controls, unauthorized admin creation would be detected and blocked before significant damage occurs.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple HTTP request manipulation to register admin accounts; no authentication required.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 3.5.2 or later

Vendor Advisory: https://contempothemes.com/changelog/

Restart Required: No

Instructions:

1. Update the Real Estate 7 theme to version 3.5.2 or later via the WordPress admin panel.
2. Verify that the update completes successfully.
3. Test the user registration functionality.

🔧 Temporary Workarounds

Disable User Registration

Platform: all

Temporarily disable new user registration in WordPress settings

Navigate to Settings > General in WordPress admin and uncheck 'Anyone can register'

Block Registration Endpoints

Platform: linux

Use a web application firewall or .htaccess rules to block requests to the core registration endpoint (a theme-specific registration form handler, if the theme uses one, is not covered by this rule)

# Add to .htaccess (above the WordPress rewrite block). %{REQUEST_URI} never
# includes the query string, so match the action against %{QUERY_STRING}:
RewriteEngine On
RewriteCond %{REQUEST_URI} wp-login\.php$ [NC]
RewriteCond %{QUERY_STRING} (^|&)action=register(&|$) [NC]
RewriteRule ^ - [F,L]

🧯 If You Can't Patch

  • Implement strict monitoring for new user creation, especially admin accounts
  • Deploy a web application firewall with rules to detect and block suspicious registration attempts
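A defence-in-depth control that does not depend on which endpoint the theme's registration form posts to, as an added example (a hypothetical must-use plugin written for this advisory, not code from the theme vendor or from this page): it uses the standard WordPress user_register, set_user_role and add_user_role hooks to reset any administrator role assigned during an unauthenticated request to the site's default role, and logs the event. It assumes that legitimate admin accounts are created by a logged-in user holding the promote_users capability, by WP-CLI, or during initial installation.

```php
<?php
/**
 * Plugin Name: Self-Registration Role Guard (hypothetical example)
 * Install as wp-content/mu-plugins/self-registration-role-guard.php.
 *
 * Any account that ends up with the administrator role while the request is
 * unauthenticated (i.e. a self-registration) is reset to the site's default
 * role, and the event is written to the PHP error log.
 */

// Contexts in which assigning any role is legitimate.
function srrg_request_is_privileged() {
    // Initial setup creates the first admin; WP-CLI runs are operator actions.
    if ( wp_installing() || ( defined( 'WP_CLI' ) && WP_CLI ) ) {
        return true;
    }
    // A logged-in user who may promote users (an admin adding a colleague).
    return is_user_logged_in() && current_user_can( 'promote_users' );
}

// Runs after a user is created (user_register) and after any role change
// (set_user_role / add_user_role), so it also covers registration handlers
// that call wp_create_user() and then assign the role in a second step.
function srrg_guard_role( $user_id ) {
    if ( srrg_request_is_privileged() ) {
        return;
    }
    $user = get_userdata( $user_id );  // fresh object; reads the current role meta
    if ( ! $user || ! in_array( 'administrator', (array) $user->roles, true ) ) {
        return;
    }
    $fallback = get_option( 'default_role', 'subscriber' );
    if ( 'administrator' === $fallback ) {  // never "reset" an admin to admin
        $fallback = 'subscriber';
    }
    // set_role() fires the role hooks again; detach while correcting, then reattach.
    remove_action( 'set_user_role', 'srrg_guard_role', PHP_INT_MAX );
    remove_action( 'add_user_role', 'srrg_guard_role', PHP_INT_MAX );
    $user->set_role( $fallback );
    add_action( 'set_user_role', 'srrg_guard_role', PHP_INT_MAX );
    add_action( 'add_user_role', 'srrg_guard_role', PHP_INT_MAX );

    $ip = isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'n/a';
    error_log( sprintf( 'srrg: user %d (%s) was given the administrator role from %s; reset to %s',
        $user_id, $user->user_login, $ip, $fallback ) );
}
add_action( 'user_register', 'srrg_guard_role', PHP_INT_MAX );
add_action( 'set_user_role', 'srrg_guard_role', PHP_INT_MAX );
add_action( 'add_user_role', 'srrg_guard_role', PHP_INT_MAX );
```

Role changes written straight to user meta bypass these hooks, so keep the new-admin monitoring listed above in place alongside the guard.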

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Appearance > Themes for Real Estate 7 theme version 3.5.1 or earlier

Check Version:

wp theme list --fields=name,version --path=/path/to/wordpress | grep -i 'real-estate-7'

Verify Fix Applied:

Confirm theme version is 3.5.2 or later and test that only appropriate roles can be selected during registration

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed registration attempts
  • Successful registration with admin role
  • New admin user creation from unusual IPs

Network Indicators:

  • POST requests to /wp-login.php?action=register with role parameters
  • Unusual registration traffic patterns

SIEM Query:

source="wordpress.log" AND ("action=register" OR "new user registration") AND ("role=administrator" OR "capability=manage_options")

🔗 References
