CVE-2025-67968

Published Jan 22, 2026

Last updated 2 months ago

Overview

Description
Unrestricted Upload of File with Dangerous Type vulnerability in InspiryThemes Real Homes CRM realhomes-crm allows Using Malicious Files.This issue affects Real Homes CRM: from n/a through <= 1.0.0.
Source
audit@patchstack.com
NVD status
Awaiting Analysis

Weaknesses

audit@patchstack.com
CWE-434

Social media

Hype score
Not currently trending

  1. #VulnerabilityReport #ArbitraryFileUpload CVE-2025-67968 (CVSS 9.9): Critical Flaw in Real Estate Theme Exposes 30,000 Sites to Takeover https://t.co/x4SuRhDHSN

    @Komodosec

    3 Mar 2026

    33 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨 ثغرة خطيرة في RealHomes CRM تسمح بالاستيلاء الكامل على المواقع تم اكتشاف ثغرة أمنية حرجة (CVE-2025-67968) في إضافة RealHomes CRM، وهي جزء أساسي من قالب Real Homes لـ WordPress. هذه

    @MisbarSec

    26 Jan 2026

    51 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨Alert🚨 CVE-2025-67968 (CVSS 9.9): Unrestricted Upload of File with Dangerous Type Vulnerability in InspiryThemes Real Homes CRM realhomes-crm allows Using Malicious Files. 📊 23.5K+ Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/OB

    @HunterMapping

    26 Jan 2026

    2438 Impressions

    9 Retweets

    39 Likes

    11 Bookmarks

    0 Replies

    0 Quotes

  4. 3万サイト以上が使用するWordPressのプラグインRealHomes CRMで重大(Critical)な脆弱性が修正。CVE-2025-67968はCVSSスコア9.9で、任意のログイン後ユーザがCSVファイルアップロード機能のチェックをすり抜け任意のファイ

    @__kokumoto

    26 Jan 2026

    900 Impressions

    2 Retweets

    7 Likes

    2 Bookmarks

    1 Reply

    0 Quotes

  5. CVE-2025-67968 (CVSS 9.9): Critical Flaw in Real Estate Theme Exposes 30,000 Sites to Takeover https://t.co/rcIcWgxj3L

    @CrowdCyber_Com

    26 Jan 2026

    59 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Critical RealHomes CRM flaw CVE-2025-67968 (CVSS 9.9) allows any logged-in user to upload malicious files. Update to v1.0.1 immediately to prevent takeover. #WordPress #RealHomes #CyberSecurity #CVE202567968 #InfoSec #WebSecurity #RCE #RealEstateTech https://t.co/zOYcBEgbx3

    @the_yellow_fall

    26 Jan 2026

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. CVE-2025-67968 (CVSS 9.9): Critical Flaw in Real Estate Theme Exposes 30,000 Sites to Takeover https://t.co/IYErhuecjA

    @Karma_X_Inc

    26 Jan 2026

    56 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.