CVE-2025-2891 is a vulnerability classified under CWE-434 (Unrestricted Upload of File with Dangerous Type) found in the Real Estate 7 WordPress theme developed by contempoinc. The issue resides in the 'template-submit-listing.php' file, which lacks proper validation of uploaded file types. This flaw allows authenticated users with Seller-level privileges or higher to upload arbitrary files to the server hosting the WordPress site. Because the theme supports front-end listing submissions, an attacker can exploit this to upload malicious files such as web shells or scripts, potentially leading to remote code execution (RCE). The vulnerability affects all versions up to and including 3.5.4. The CVSS v3.1 base score is 8.8, indicating high severity, with an attack vector of network (AV:N), low attack complexity (AC:L), requiring privileges (PR:L), no user interaction (UI:N), unchanged scope (S:U), and high impact on confidentiality, integrity, and availability (C:H/I:H/A:H). Although no public exploits are known at this time, the vulnerability's characteristics make it a critical risk for sites using this theme, especially if front-end listing submissions are enabled. The lack of patch links suggests a fix may not yet be available, emphasizing the need for immediate mitigation.

The vulnerability allows attackers with Seller-level access to upload arbitrary files, which can lead to remote code execution on the affected server. This compromises the confidentiality of sensitive data stored on the site, the integrity of website content and backend systems, and the availability of the service if attackers deploy destructive payloads or ransomware. Exploitation could result in full site takeover, data breaches, defacement, or use of the compromised server as a pivot point for further attacks within an organization's network. Given WordPress's widespread use and the popularity of the Real Estate 7 theme in real estate websites, the impact is significant globally. Organizations relying on this theme for customer-facing real estate listings are at risk of reputational damage, financial loss, and regulatory penalties if customer data is exposed or services disrupted.

Until an official patch is released, organizations should take the following specific actions: 1) Disable front-end listing submissions to prevent attackers from uploading files via the vulnerable script. 2) Restrict file upload permissions on the server to only allow safe file types and enforce strict server-side validation. 3) Implement web application firewall (WAF) rules to detect and block suspicious file upload attempts targeting 'template-submit-listing.php'. 4) Monitor server logs and file system changes for unauthorized uploads or execution of unexpected scripts. 5) Limit Seller-level user privileges to trusted users only and review existing accounts for suspicious activity. 6) Consider temporarily replacing the Real Estate 7 theme with a secure alternative if possible. 7) Stay alert for official patches or updates from contempoinc and apply them promptly once available. 8) Conduct regular security audits and penetration tests focusing on file upload functionalities.