## https://sploitus.com/exploit?id=90B9E9AF-B6B3-5F01-96C4-E4DDD57C201F
# CVE-2025-6934
๐ก๏ธ CVE-2025-6934 - Unauthenticated Privilege Escalation in Opal Estate Pro
๐ Description
The Opal Estate Pro โ Property Management and Submission plugin for WordPress, used by the FullHouse - Real Estate Responsive WordPress Theme, is vulnerable to Privilege Escalation in all versions up to and including 1.7.5.
CVE ID: CVE-2025-6934
CVSS Score: 9.8 (Critical)
Published: June 30, 2025
โ๏ธ Script Information
This Python exploit automates the privilege escalation process by:
Verifying the vulnerable plugin version via readme.txt.
Fetching the required nonce from the registration page.
Sending a crafted registration request to gain Administrator access.