https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-6934.yaml

标题： WordPress plugin Opal Estate Pro 安全漏洞 (CVE-2025-6934)
描述：WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin Opal Estate Pro 1.7.5及之前版本存在安全漏洞，该漏洞源于on_regiser_user函数缺少角色限制，可能导致权限提升。

The Opal Estate Pro plugin (≤ 1.7.5) is vulnerable to privilege escalation. Due to missing role restrictions in the on_register_user function, users can register with any role. This allows unauthenticated attackers to create administrator accounts.

 id: CVE-2025-6934

info:
  name: The Opal Estate Pro – Property Management <= 1.7.5 - Unauthenticate

...