Vulnerability In Houzez Theme Exploited in The Wild

Published 27 February 2023
Updated 24 July 2023
Dave Jong
CTO at Patchstack
Table of Contents

There is a security vulnerability in Houzez Theme that is exploited in the wild. The vulnerability in Houzez Theme is an Unauthenticated Privilege Escalation vulnerability.

The Houzez theme is a premium theme sold on ThemeForest and has over 35,000 sales. It’s described as a theme specifically designed for the real estate industry. It offers easy-to-use tools that will allow you to manage your agency’s content and listings while providing the best possible experience for your clients.

vulnerability in Houzez Theme

We have been tracking exploits targeting a critical severity unauthenticated privilege escalation vulnerability in this theme and its related plugin.

The vulnerability in Houzez Theme

These vulnerabilities were discovered by Dave Jong and also responsibly disclosed to the plugin developer, and these vulnerabilities have since been fixed which can be seen in the links to the Patchstack vulnerability database entries below.

Houzez Theme Vulnerability <= 2.7.1, fixed in 2.7.2
WordPress Houzez theme <= 2.7.1 – Privilege Escalation – Patchstack

Houzez Login Register Vulnerability <= 2.6.3, fixed in 2.6.4
WordPress Houzez Login Register plugin <= 2.6.3 – Privilege Escalation – Patchstack

The privilege escalation vulnerability is located in the theme itself and one of its plugins. The theme itself provides registration functionality (must be turned on in the settings) which also allows the user to provide the user role they want to sign up with.

Unfortunately, this could be set to an administrator to instantly get administrator privileges on the WordPress site.

The same vulnerability exists in the Houzez Login Register plugin.

Exploited in the wild

The vulnerability in the theme and plugin is currently exploited in the wild and has seen a large number of attacks from the IP address at the time of writing.

We will keep monitoring exploitation attempts and update this blog if more information becomes available.

Patchstack paid plan users are protected from the vulnerability. You can also sign up for the Patchstack Community plan to be notified about vulnerabilities as soon as they become disclosed.

The latest in Security Advisories

Looks like your browser is blocking our support chat widget. Turn off adblockers and reload the page.