CVE-2025-11191
📋 TL;DR
The RealPress WordPress plugin before version 1.1.0 is missing authorization checks on its REST API endpoints. This allows unauthenticated attackers to create pages and send emails from vulnerable WordPress sites. All WordPress sites running RealPress plugin versions below 1.1.0 are affected.
💻 Affected Systems
- RealPress WordPress Plugin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could create malicious pages with phishing content, send spam emails from your domain, deface the website, or use the email functionality for phishing campaigns.
Likely Case
Spam page creation and unauthorized email sending, potentially leading to reputation damage and email blacklisting.
If Mitigated
Limited impact with proper web application firewalls and monitoring in place to detect unauthorized API calls.
🎯 Exploit Status
Exploitation requires sending HTTP requests to specific REST endpoints without authentication.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.1.0
Vendor Advisory: https://wpscan.com/vulnerability/74f19ff2-d5c0-4bd4-83f2-688ea37022b1/
Restart Required: No
Instructions:
1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find the RealPress plugin.
4. Click 'Update Now' if an update is available.
5. Alternatively, download version 1.1.0+ from the WordPress repository and replace the existing plugin files.
🔧 Temporary Workarounds
Disable RealPress Plugin
WordPress (WP-CLI): Temporarily deactivate the plugin until patching is possible.
wp plugin deactivate realpress
Restrict REST API Access
Apache: Use a web application firewall or .htaccess to block unauthorized access to /wp-json/realpress/ endpoints.
# Add to .htaccess, before the WordPress rewrite block (requires mod_rewrite):
RewriteEngine On
RewriteRule ^wp-json/realpress/.*$ - [F,L]
🧯 If You Can't Patch
- Disable the RealPress plugin immediately.
- Implement strict network controls to block external access to WordPress REST API endpoints.
🔍 How to Verify
Check if Vulnerable:
Check WordPress admin panel → Plugins → RealPress version. If version is below 1.1.0, the site is vulnerable.
Check Version:
wp plugin get realpress --field=version
Verify Fix Applied:
Confirm RealPress plugin version is 1.1.0 or higher in WordPress admin panel.
📡 Detection & Monitoring
Log Indicators:
- Unusual POST requests to /wp-json/realpress/v1/* endpoints from unauthenticated users
- Sudden increase in page creation events
- Email sending events from WordPress without user interaction
Network Indicators:
- HTTP POST requests to /wp-json/realpress/v1/pages or /wp-json/realpress/v1/email from unauthorized IPs
SIEM Query:
source="wordpress.log" AND (uri_path="/wp-json/realpress/v1/*" AND http_method="POST") AND user="-"
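As an added example (not part of this advisory or the RealPress project), the following Python parses combined-format web server log lines and flags POSTs to the RealPress REST routes listed above that carry no server-side authenticated user. It also recognises the `?rest_route=` form of the same routes, which WordPress accepts on every site and which a path-only block rule does not cover; the log lines are constructed samples.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Apache/nginx "combined" format: ip ident user [time] "METHOD target HTTP/x" status bytes ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# REST namespace of the endpoints named in this advisory
REALPRESS_NS = "/realpress/v1/"

def realpress_route(target):
    """Return the REST route if the request targets the RealPress namespace, else None.
    Covers both /wp-json/<route> and the ?rest_route=<route> query form that
    WordPress always accepts (an .htaccess rule on /wp-json/ alone misses it)."""
    parts = urlsplit(target)
    if parts.path.startswith("/wp-json/"):
        route = parts.path[len("/wp-json"):]
    else:
        route = parse_qs(parts.query).get("rest_route", [None])[0]
    return route if route and route.startswith(REALPRESS_NS) else None

def find_suspicious(lines):
    """Return (ip, route, status) for POSTs to RealPress routes with no logged user.
    Caveat: WordPress cookie auth never fills the log's user field, so '-' alone
    does not prove the caller was unauthenticated; correlate with WP events."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        route = realpress_route(m["target"])
        if m["method"] == "POST" and route and m["user"] == "-":
            hits.append((m["ip"], route, int(m["status"])))
    return hits

def per_source_counts(hits):
    """Count flagged requests per source IP to spot bulk page/email abuse."""
    return Counter(ip for ip, _, _ in hits)

# Constructed sample log lines (RFC 5737 documentation addresses)
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Oct/2025:12:00:01 +0000] "POST /wp-json/realpress/v1/pages HTTP/1.1" 200 312 "-" "curl/8.0"',
    '203.0.113.5 - - [10/Oct/2025:12:00:02 +0000] "POST /index.php?rest_route=/realpress/v1/email HTTP/1.1" 200 98 "-" "curl/8.0"',
    '198.51.100.7 - - [10/Oct/2025:12:00:03 +0000] "GET /wp-json/realpress/v1/pages HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.9 - admin [10/Oct/2025:12:00:04 +0000] "POST /wp-json/realpress/v1/pages HTTP/1.1" 201 300 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Oct/2025:12:00:05 +0000] "POST /wp-json/wp/v2/posts HTTP/1.1" 401 120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, route, status in find_suspicious(SAMPLE_LOG):
        print(f"{ip} POST {route} -> {status}")
```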