Buying Buddy IDX CRM - Insecure deserialization
Summary
Name | Buying Buddy IDX CRM - Real Estate MLS Plugin 1.2.1 - Insecure deserialization |
Code name | skims-0058 |
Product | Buying Buddy IDX CRM - Real Estate MLS Plugin |
Affected versions | Version 1.2.1 |
State | Private |
Release date | 2025-03-14 |
Vulnerability
Kind | Insecure deserialization |
Rule | Insecure deserialization |
Remote | No |
CVSSv4 Vector | CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U |
CVSSv4 Base Score | 1.7 (Low) |
Exploit available | No |
CVE ID(s) | CVE-2025-31319 |
Description
Buying Buddy IDX CRM - Real Estate MLS Plugin 1.2.1 is vulnerable to insecure deserialization (PHP object injection). In myapp/includes/settings.php the `buyingbuddy_orderstr` GET parameter is base64-decoded and passed directly to `unserialize()` (line 228 of the listing below). `sanitize_text_field()` does not neutralize a serialized payload, and the resulting array is then used to overwrite the plugin's stored options and to create pages, on a request path that — unlike the form handlers in the same function — is not protected by a nonce.
Vulnerability
Skims by Fluid Attacks discovered an insecure deserialization in Buying Buddy IDX CRM - Real Estate MLS Plugin 1.2.1. The following is the output of the tool (long lines are truncated by the scanner; the flagged line is marked with `>`):
Skims output
// Renders the plugin's settings admin page and handles every form that page posts
// back to itself. Visible flow, in order: (1) main settings form, (2) "add templates"
// form, (3) "install demo pages" form, (4) "accept terms" form, (5) "check activation"
// form -- each of these is gated by wp_verify_nonce() -- then (6) a GET-driven return
// path from the vendor's trial/purchase order flow (buyingbuddy_orderstr) which is NOT
// nonce-protected, and finally the view includes that render the page.
//
// NOTE(review): no capability check (e.g. current_user_can('manage_options')) is
// visible in this function; presumably it is enforced where the admin menu page is
// registered -- confirm before relying on it.
// NOTE(review): this listing is horizontally truncated by the scanner, so several
// lines end mid-statement; the comments below describe only what is visible.
5 | function buyingbuddy_settings()
6 | {
7 | global $buyingbuddy_options, $buyingbuddyObj, $wp_rewrite, $buyingbuddy_version;
8 |
9 | $msg_status = """";
10 | $plugin_data = get_plugin_data(plugin_dir_path( __FILE__ ).""../buying-buddy.php"");
// Kept so the previously stored activation key can be restored if the submitted one
// is rejected by the vendor API (line 43).
11 | $origAcid = $buyingbuddy_options[""acid""];
12 |
// --- (1) main settings form (POST, nonce-checked) ---
13 | if (!empty($_POST['buyingbuddy_submitted'])) {
14 | if ( empty( $_POST['buyingbuddy_settings'] ) || !wp_verify_nonce( $_POST['buyingbuddy_settings'], 'buyingbuddy_se
15 | exit ('There was a problem submitting the form. Please refresh and try again.');
16 | } else {
17 |
// The options array is rebuilt from scratch here; any stored key that is not re-set
// below is dropped on save.
18 | $buyingbuddy_options = array(
19 | ""installed"" => ""true"",
20 | ""accept_terms"" => 1,
21 | ""last_modified"" => time(),
22 | );
23 |
24 | $buyingbuddy_acid = sanitize_text_field($_POST[""buyingbuddy_acid""]);
25 | $paramsArray = array (
26 | ""acid"" => $buyingbuddy_acid,
// NOTE(review): HTTP_HOST comes from the request's Host header; whether it is
// attacker-influenceable depends on the web-server configuration. It is only sent
// to the vendor API here, not used for authorization.
27 | ""domain"" => esc_url($_SERVER['HTTP_HOST']),
28 | ""wp"" => esc_html(get_bloginfo(""version"")),
29 | ""plugin"" => esc_html($plugin_data['Version']),
// rand() here appears to be a cache-buster for the API call, not a security value.
30 | ""rand"" => esc_html(rand(10,100))
31 | );
32 |
33 | $url = ""/api/account-info/check-acid/"";
// getApiData() is not visible in this listing; the shape of $response (an object
// with a ->valid property) is assumed from its use below.
34 | $response = $buyingbuddyObj->getApiData($url,$paramsArray);
35 |
36 | if ($response->valid == ""true""){
37 | $buyingbuddy_options['acid'] = $buyingbuddy_acid;
38 | $buyingbuddy_options[""installed""] = ""true"";
39 | $buyingbuddy_options[""auto_updates""] = ""yes"";
40 | $buyingbuddy_options[""last_modified""] = time();
// First save; the same option is written again at line 56 after the remaining
// fields are merged in.
41 | update_option('buyingbuddy_options', serialize($buyingbuddy_options));
42 | } else {
43 | $buyingbuddy_options[""acid""] = $origAcid;
// Only set on the failure path; see the note at line 68.
44 | $invalid_acid = ""true"";
45 | }
46 |
47 | if (!empty($_POST['buyingbuddy_google_map'])) $buyingbuddy_options['google_map'] = sanitize_text_field($_POST
48 | if (!empty($_POST['buyingbuddy_google_map_key'])) $buyingbuddy_options['google_map_key'] = sanitize_text_fiel
49 | if (!empty($_POST['buyingbuddy_footer'])) $buyingbuddy_options['footer'] = sanitize_text_field($_POST['buying
50 | if (!empty($_POST['buyingbuddy_disable'])) $buyingbuddy_options['disable'] = sanitize_text_field($_POST['buyi
51 | if (!empty($_POST['buyingbuddy_auto_updates'])) $buyingbuddy_options['auto_updates'] = sanitize_text_field($_
52 | if (!empty($_POST['buyingbuddy_express'])) $buyingbuddy_options['express'] = sanitize_text_field($_POST['buyi
// Stored as a serialized PHP array; it is read back with unserialize() at lines 233
// and 247. Storing it as JSON (or a plain delimited string) would remove those
// unserialize() calls entirely.
53 | if (!empty($_POST['buyingbuddy_allowedids'])) update_option('buyingbuddy_allowedids', serialize(array_map('tr
54 | else update_option('buyingbuddy_allowedids','');
55 |
56 | update_option('buyingbuddy_options', serialize($buyingbuddy_options));
57 |
58 | if (isset($buyingbuddy_options['google_map_key']) && $buyingbuddy_options['google_map_key'] != """") {
59 | $urlarr = array (
60 | ""acid"" => $buyingbuddy_options[""acid""],
61 | ""domain"" => sanitize_text_field($_SERVER['HTTP_HOST']),
62 | ""google_map_key"" => $buyingbuddy_options[""google_map_key""],
63 | );
64 | $url = ""/api/account-info/set-map-key/?"".http_build_query($urlarr);
// Response is stored but never used in the visible code.
65 | $acctData = $buyingbuddyObj->getApiData($url, array());
66 | }
67 |
// NOTE(review): $invalid_acid is only assigned at line 44 (failure path) and is not
// initialised until line 176, so on the success path this reads an undefined
// variable (a PHP notice/warning). The comparison still yields false, so the
// success message is shown -- confirm this is the intended behaviour.
68 | if ( $invalid_acid == ""true"" ){
69 |
70 | $msg_status = '<div class=""alert alert-sm alert-danger alert-marker marker-right border-inner-outline lh-
71 | <div class=""marker-icon"">
72 | <img src=""'.esc_url(plugin_dir_url(__FILE__)).'../images/circle-check.png"" alt="""">
73 | </div>
74 | <span class=""weight700"">Invalid Activation Key Entered.</span>
75 | </div>';
76 |
77 | } else {
78 |
79 | $msg_status = '<div class=""alert alert-sm alert-success alert-marker marker-right border-inner-outline lh
80 | <div class=""marker-icon"">
81 | <img src=""'.esc_url(plugin_dir_url(__FILE__)).'../images/circle-check.png"" alt="""">
82 | </div>
83 | <span class=""weight700"">Buying Buddy options have been updated.</span>
84 | </div>';
85 | }
86 |
87 | }
88 |
89 | }
90 |
// --- (2) "add templates" form (POST, nonce-checked) ---
91 | if (!empty($_POST['buyingbuddy_add_templates'])) {
92 |
// NOTE(review): this guard re-tests emptiness of buyingbuddy_add_templates (already
// known non-empty from line 91) and verifies the nonce taken from the
// buyingbuddy_install field, i.e. the same field the handler at line 136 uses. This
// looks like a copy of that handler; confirm which nonce field the template form
// actually submits, otherwise the check at line 93 may be validating the wrong token.
93 | if ( empty( $_POST['buyingbuddy_add_templates'] ) || ! wp_verify_nonce( $_POST['buyingbuddy_install'], 'buyingbud
94 | exit ('There was a problem submitting the form. Please refresh and try again.');
95 | } else {
96 |
// Each selected checkbox contributes one [title, slug, content, option_key] tuple
// (the tail of each line is truncated in this listing). The indexes are read
// without isset(), so an absent field produces a PHP notice rather than an error.
97 | $demo_pages = array();
98 | if ($_POST['buyingbuddy_install_map'] == 1) $demo_pages[] = array (sanitize_text_field($_POST[""buyingbuddy_in
99 | if ($_POST['buyingbuddy_install_about'] == 1) $demo_pages[] = array (sanitize_text_field($_POST[""buyingbuddy_
100 | if ($_POST['buyingbuddy_install_calculator'] == 1) $demo_pages[] = array (sanitize_text_field($_POST[""buyingb
101 | if ($_POST['buyingbuddy_install_cma'] == 1) $demo_pages[] = array (sanitize_text_field($_POST[""buyingbuddy_in
102 | if ($_POST['buyingbuddy_install_contact'] == 1) $demo_pages[] = array (sanitize_text_field($_POST[""buyingbudd
103 | if ($_POST['buyingbuddy_install_featured'] == 1) $demo_pages[] = array (sanitize_text_field($_POST[""buyingbud
104 |
// $pageOptions is never used in the visible code.
105 | $pageOptions = array();
106 | foreach($demo_pages as $pagearr) {
107 | $new_page = array(
108 | 'post_type' => 'page',
109 | 'post_title' => $pagearr[0],
110 | 'post_content' => $pagearr[2],
111 | 'post_status' => 'publish',
112 | 'post_author' => esc_html(get_current_user_id()),
113 | 'post_name' => $pagearr[1]
114 | );
// Pages are created only if no page with that slug already exists.
115 | if (!get_page_by_path( $pagearr[1], OBJECT, 'page')) {
116 | $new_page_id = wp_insert_post($new_page);
117 | $buyingbuddy_options[ $pagearr[3] ] = 1;
118 | }
119 | }
120 |
121 | if ( !empty($buyingbuddy_options) ){
122 | update_option('buyingbuddy_options', serialize($buyingbuddy_options));
123 | }
124 |
125 | $msg_status = '<div class=""alert alert-sm alert-success alert-marker marker-right border-inner-outline lh-13""
126 | <div class=""marker-icon"">
127 | <img src=""'.esc_url(plugin_dir_url(__FILE__)).'../images/circle-check.png"" alt="""">
128 | </div>
129 | Template Pages pages installed successfully.
130 | </div>';
131 | }
132 |
133 | }
134 |
// --- (3) "install demo pages" form (POST, nonce-checked); mirrors handler (2) but
// with fixed titles for most pages ---
135 | if (!empty($_POST['buyingbuddy_install'])) {
136 | if ( empty( $_POST['buyingbuddy_install'] ) || ! wp_verify_nonce( $_POST['buyingbuddy_install'], 'buyingbuddy_ins
137 | exit ('There was a problem submitting the form. Please refresh and try again.');
138 | } else {
139 | $demo_pages = array();
140 | if ($_POST['buyingbuddy_install_map'] == 1) $demo_pages[] = array (""Map"",sanitize_text_field($_POST[""buyingbu
141 | if ($_POST['buyingbuddy_install_about'] == 1) $demo_pages[] = array (""About"",sanitize_text_field($_POST[""buyi
142 | if ($_POST['buyingbuddy_install_calculator'] == 1) $demo_pages[] = array (""Calculator"",sanitize_text_field($_
143 | if ($_POST['buyingbuddy_install_cma'] == 1) $demo_pages[] = array (""Home Value"",sanitize_text_field($_POST[""b
144 | if ($_POST['buyingbuddy_install_contact'] == 1) $demo_pages[] = array (""Contact"",sanitize_text_field($_POST[""
145 | if ($_POST['buyingbuddy_install_featured'] == 1) $demo_pages[] = array (sanitize_text_field($_POST[""buyingbud
146 |
147 | $pageOptions = array();
148 | foreach($demo_pages as $pagearr) {
149 | $new_page = array(
150 | 'post_type' => 'page',
151 | 'post_title' => $pagearr[0],
152 | 'post_content' => $pagearr[2],
153 | 'post_status' => 'publish',
154 | 'post_author' => esc_html(get_current_user_id()),
155 | 'post_name' => $pagearr[1]
156 | );
157 | if ( !get_page_by_path( $pagearr[1], OBJECT, 'page') ) {
158 | $new_page_id = wp_insert_post($new_page);
159 | $buyingbuddy_options[ $pagearr[3] ] = 1;
160 | }
161 | }
162 |
163 | $buyingbuddy_options[""installed_pages""] = 1;
164 | update_option('buyingbuddy_options', serialize($buyingbuddy_options));
165 |
166 | $msg_status = '<div class=""alert alert-sm alert-success alert-marker marker-right border-inner-outline lh-13""
167 | <div class=""marker-icon"">
168 | <img src=""'.esc_url(plugin_dir_url(__FILE__)).'../images/circle-check.png"" alt="""">
169 | </div>
170 | Demo pages installed successfully.
171 | </div>';
172 | }
173 |
174 | }
175 |
// Initialised only now, after handler (1) has already read $invalid_acid (line 68).
176 | $invalid_acid = """";
177 | $buyingbuddy_acid = """";
178 |
// --- (4) "accept terms" form (POST, nonce-checked) ---
179 | if (!empty($_POST['buyingbuddy_accept_terms']) && sanitize_text_field($_POST['buyingbuddy_accept_terms']) == 1) {
180 | if ( empty( $_POST['buyingbuddy_terms'] ) || ! wp_verify_nonce( $_POST['buyingbuddy_terms'], 'buyingbuddy_terms_a
181 | exit ('There was a problem submitting the form. Please refresh and try again.');
182 | } else {
183 | $buyingbuddy_options['accept_terms'] = 1;
184 | $buyingbuddy_options['trial'] = """";
185 | $buyingbuddy_options['purchase'] = """";
186 | $buyingbuddy_arr = array();
// NOTE(review): sanitize_text_field() is applied to every stored option value on
// its way back to the database; any non-string value would be coerced -- presumably
// all options are scalars, verify.
187 | foreach ($buyingbuddy_options as $key => $val) {
188 | $buyingbuddy_arr[sanitize_text_field($key)] = sanitize_text_field($val);
189 | }
190 | update_option('buyingbuddy_options', serialize($buyingbuddy_arr));
191 | }
192 | }
193 |
// --- (5) "check activation" form (POST, nonce-checked): validates the submitted
// key against the vendor API and stores it on success ---
194 | if (!empty($_POST['buyingbuddy_check_activation']) && sanitize_text_field($_POST['buyingbuddy_check_activation']) ==
195 | if ( empty( $_POST['buyingbuddy_activate'] ) || ! wp_verify_nonce( $_POST['buyingbuddy_activate'], 'buyingbuddy_a
196 | exit ('There was a problem submitting the form. Please refresh and try again.');
197 | } else {
198 |
199 | $buyingbuddy_acid = sanitize_text_field($_POST[""buyingbuddy_acid""]);
200 | $urlarr = array (
201 | ""acid"" => $buyingbuddy_acid,
202 | ""domain"" => esc_url($_SERVER['HTTP_HOST']),
203 | ""wp"" => esc_html(get_bloginfo(""version"")),
204 | ""plugin"" => esc_html($plugin_data['Version']),
205 | ""rand"" => esc_html(rand(10,100))
206 | );
207 |
208 | if (isset($buyingbuddy_options[""google_map_key""])) $urlarr[""wp_google_maps_key""] = $buyingbuddy_options[""goog
209 |
210 | $url = ""/api/account-info/check-acid/?"".http_build_query($urlarr);
211 | $response = $buyingbuddyObj->getApiData($url, array());
212 |
213 | if ($response->valid == ""true""){
214 | $buyingbuddy_options['acid'] = $buyingbuddy_acid;
215 | $buyingbuddy_options[""installed""] = ""true"";
216 | $buyingbuddy_options[""auto_updates""] = ""yes"";
217 | $buyingbuddy_options[""last_modified""] = time();
218 | update_option('buyingbuddy_options', serialize($buyingbuddy_options));
219 | } else {
220 | $invalid_acid = 1;
221 | }
222 |
223 | }
224 |
225 | }
226 |
// --- (6) return from the vendor's trial/purchase order flow (GET, NO nonce) ---
//
// SECURITY (CVE-2025-31319): the next line passes an attacker-controllable GET
// parameter through base64_decode() straight into unserialize(). sanitize_text_field()
// does not neutralise a serialized payload (it only strips tags / control characters
// / whitespace from the base64 text), so a crafted value can instantiate arbitrary
// classes loaded by WordPress and the active plugins (PHP object injection; the
// impact depends on the gadget classes available on the site). Independently of any
// gadget chain, the decoded array is trusted further down: it overwrites the stored
// plugin options (lines 290-299) and triggers page creation (lines 267-286) without
// a nonce check, so a privileged user visiting a crafted link can have the plugin's
// configuration reset. The encoding side of this exchange is visible at lines
// 385-387 (base64_encode(serialize(...))); exchanging the order data as JSON would
// remove unserialize() entirely. At minimum use
// unserialize($data, ['allowed_classes' => false]) and nonce-protect this path.
227 | if (!empty($_GET[""buyingbuddy_orderstr""])) { // return from Trial or Purchase order
> 228 | $orderarr = unserialize(base64_decode(sanitize_text_field($_GET[""buyingbuddy_orderstr""])));
229 | if (!empty($orderarr[""acid""]) && sanitize_text_field($orderarr[""acid""]) != """") $buyingbuddy_options[""installed""]
230 | // print_r($orderarr);
231 | }
232 |
// Reads back the array stored at line 53. The input is a stored option rather than
// request data, so the risk is lower, but it is still unserialize() without
// allowed_classes. NOTE(review): sanitize_text_field() is applied to the serialized
// string before unserialize(); if it alters the string (e.g. whitespace inside a
// value), unserialize() will fail and return false -- verify with real data.
233 | $buyingbuddy_allowedids = unserialize(sanitize_text_field(get_option('buyingbuddy_allowedids')));
234 | if (is_array($buyingbuddy_allowedids)) $buyingbuddy_allowedids = implode("","",$buyingbuddy_allowedids);
235 | if (isset($buyingbuddy_options[""rosterpage""])) {
236 | } else $buyingbuddy_options[""rosterpage""] = ""no"";
237 | if (isset($buyingbuddy_options[""express""])) {
238 | } else $buyingbuddy_options[""express""] = ""no"";
239 | if (!empty($buyingbuddy_options[""google_map_key""]) && sanitize_text_field($buyingbuddy_options[""google_map_key""]) ==
240 | $purchase = """";
241 | $trial = """";
242 | require_once plugin_dir_path( __FILE__ ).'../views/settings_header.php';
243 |
// Second read of the same option; this overwrites the $buyingbuddy_allowedids value
// computed at lines 233-234 with an equivalent one (same caveats apply). A
// non-array unserialize() result is not guarded here, unlike line 234.
244 | $buyingbuddy_allowedids_option = sanitize_text_field(get_option(""buyingbuddy_allowedids""));
245 | $buyingbuddy_theme_id = sanitize_text_field(get_option(""buyingbuddy_theme_id""));
246 | if ($buyingbuddy_allowedids_option) {
247 | $buyingbuddy_allowedids_arr = unserialize($buyingbuddy_allowedids_option);
248 | $buyingbuddy_allowedids = implode("","",$buyingbuddy_allowedids_arr);
249 | } else $buyingbuddy_allowedids = """";
250 |
// Builds an HTML list of active plugin folder names for display by a view. The
// folder name is concatenated unescaped; it originates from the site's own
// active_plugins option, so exposure is limited to what an administrator installed.
251 | $active_plugins = get_option('active_plugins');
252 | $plugin_list = ""<ul style='list-style:disc;margin-left:25px;'>"";
253 | foreach($active_plugins as $key => $value) {
254 | $string = explode('/',$value); // Folder name will be displayed
255 | $plugin_list .= ""<li>"".$string[0] .""</li>"";
256 | }
257 | $plugin_list .= ""</ul>"";
258 |
// Branch A: an order string was received (see line 228). Everything in this branch
// is driven by the unserialized $orderarr. Note that, unlike handlers (1) and (5),
// the acid taken from the order string is stored (line 299) BEFORE any vendor API
// call validates it.
259 | if (isset($orderarr[""acid""]))
260 | {
261 |
262 | if (!empty($orderarr[""acid""])) $acid = sanitize_text_field($orderarr[""acid""]);
263 | if (!empty($orderarr[""purchase""])) $purchase = sanitize_text_field($orderarr[""purchase""]);
264 | if (!empty($orderarr[""trial""])) $trial = sanitize_text_field($orderarr[""trial""]);
265 | if (!empty($orderarr[""accounttype_id""])) $accounttype_id = sanitize_text_field($orderarr[""accounttype_id""]);
266 |
// Creates the four fixed "foundation" pages (shortcode content, hard-coded slugs)
// when either flag is set; skipped for slugs that already exist.
267 | if ($purchase == 1 || $trial == 1) {
268 | $foundation_pages = array(
269 | ""search"" => array(""bbidx-search"",""Property Search"",'[mbb_widget id=""MBBv3_SearchForm""]'),
270 | ""results"" => array(""listing-results"",""Search Results"",'[mbb_widget id=""MBBv3_ListingResults""]'),
271 | ""details"" => array(""listing-details"",""Property Details"",'[mbb_widget id=""MBBv3_SearchDetails""]'),
272 | ""market"" => array(""listing-market"",""Area Market Report"",'[mbb_widget id=""MBBv3_MarketReport""]')
273 | );
274 | foreach($foundation_pages as $pagearr) {
275 | $new_page = array(
276 | 'post_type' => 'page',
277 | 'post_title' => $pagearr[1],
278 | 'post_content' => $pagearr[2],
279 | 'post_status' => 'publish',
280 | 'post_author' => esc_html(get_current_user_id()),
281 | 'post_name' => $pagearr[0]
282 | );
283 | if (!get_page_by_path( $pagearr[0], OBJECT, 'page')) {
284 | $new_page_id = wp_insert_post($new_page);
285 | }
286 | }
287 |
288 | }
// The assignment on line 289 is immediately discarded by the rebuild on line 290.
289 | $buyingbuddy_options[""installed""] = ""true"";
// All previously stored options (google_map, footer, disable, allowed ids, ...) are
// replaced by this array built from the order string.
290 | $buyingbuddy_options = array(
291 | ""acid"" => sanitize_text_field($acid),
292 | ""foundation_pages"" => ""true"",
293 | ""trial"" => $trial,
294 | ""accept_terms"" => 1,
295 | ""purchase"" => $purchase,
296 | ""installed"" => ""true""
297 | );
298 | $buyingbuddy_options[""google_map_key""] = """";
299 | update_option('buyingbuddy_options', serialize($buyingbuddy_options));
300 |
301 | // Get IDX Agreement info for this MLS
302 | $current_user = wp_get_current_user();
303 |
304 | $urlarr = array (
305 | ""acid"" => $acid,
306 | ""domain"" => sanitize_text_field($_SERVER['HTTP_HOST']),
307 | ""wp"" => esc_html(get_bloginfo(""version"")),
308 | ""plugin"" => sanitize_text_field($plugin_data['Version']),
// The current user's e-mail address is sent to the vendor API as part of this call.
309 | ""email"" => esc_html($current_user->user_email)
310 | );
311 |
312 | $url = ""/api/account-info/get-idx-info/?"".http_build_query($urlarr);
313 | $domainData = $buyingbuddyObj->getApiData($url, array());
314 |
// API-supplied strings are passed through wp_kses_post() before the views use them.
315 | if (!empty($domainData->mls_nm) ) $mls_idxname = wp_kses_post($domainData->mls_nm);
316 | else $mls_idxname = """";
317 | if (!empty($domainData->idx_approval) ) $idx_approval = wp_kses_post($domainData->idx_approval);
318 | else $idx_approval = """";
319 | $show_sidebar = """";
320 | require_once plugin_dir_path( __FILE__ ).'../views/settings_messages.php';
321 | require_once plugin_dir_path( __FILE__ ).'../views/settings_neworder.php';
322 |
// Branch B: normal page render (no order string).
323 | } else { // show default options page or installation page
324 |
325 | // check if acid exists from old Buying Buddy plugin.
326 | if (empty($buyingbuddy_options[""acid""])) {
// One-time migration from the legacy plugin's option. Same unserialize()-without-
// allowed_classes pattern as lines 233/247, on a stored option rather than request
// data.
327 | $old_mbb_options = unserialize(get_option(""mbb_options""));
328 | if (!empty($old_mbb_options)) {
329 | $buyingbuddy_options[""acid""] = sanitize_text_field($old_mbb_options[""acid""]);
330 | $buyingbuddy_options[""google_map""] = sanitize_text_field($old_mbb_options[""google_map""]);
331 | if (empty($buyingbuddy_options[""google_map_key""])) $buyingbuddy_options[""google_map_key""] = sanitize_text
332 | $buyingbuddy_options[""footer""] = sanitize_text_field($old_mbb_options[""footer""]);
333 | $buyingbuddy_options[""disable""] = sanitize_text_field($old_mbb_options[""disable""]);
334 | $buyingbuddy_options[""express""] = sanitize_text_field($old_mbb_options[""express""]);
335 | $buyingbuddy_options[""mbb_allowedids""] = sanitize_text_field($old_mbb_options[""mbb_allowedids""]);
336 | if (!empty($buyingbuddy_options[""acid""])) update_option('buyingbuddy_options', serialize($buyingbuddy_opt
337 | }
338 | }
339 |
// NOTE(review): parse_url() on a bare host (no scheme) may not populate ""host"" --
// verify what $domainarr[""host""] holds for a plain HTTP_HOST value.
340 | $domainarr = parse_url(esc_url($_SERVER['HTTP_HOST']));
341 | $urlarr = array (
342 | ""acid"" => sanitize_text_field($buyingbuddy_options[""acid""]),
343 | ""domain"" => $domainarr[""host""],
344 | ""rand"" => esc_html(rand(10,100))
345 | );
346 |
// Re-validates the stored key on every render; on success the foundation pages
// are (re)created if missing, exactly as in branch A.
347 | $url = ""/api/account-info/check-acid/?"".http_build_query($urlarr);
348 | $response = $buyingbuddyObj->getApiData($url, array());
349 | if (!empty($response) && $response->valid == ""true"") {
350 | $buyingbuddy_status = $response->status;
351 | $buyingbuddy_results_slug = $response->results_slug;
352 |
353 | $foundation_pages = array(
354 | ""search"" => array(""bbidx-search"",""Property Search"",'[mbb_widget id=""MBBv3_SearchForm""]'),
355 | ""results"" => array(""listing-results"",""Search Results"",'[mbb_widget id=""MBBv3_ListingResults""]'),
356 | ""details"" => array(""listing-details"",""Property Details"",'[mbb_widget id=""MBBv3_SearchDetails""]'),
357 | ""market"" => array(""listing-market"",""Area Market Report"",'[mbb_widget id=""MBBv3_MarketReport""]')
358 | );
359 | foreach($foundation_pages as $pagearr) {
360 | $new_page = array(
361 | 'post_type' => 'page',
362 | 'post_title' => $pagearr[1],
363 | 'post_content' => $pagearr[2],
364 | 'post_status' => 'publish',
365 | 'post_author' => esc_html(get_current_user_id()),
366 | 'post_name' => $pagearr[0]
367 | );
368 | if (!get_page_by_path( $pagearr[0], OBJECT, 'page')) {
369 | $new_page_id = wp_insert_post($new_page);
370 | }
371 | }
372 |
373 | } else {
374 | $buyingbuddy_status = 30;
// NOTE(review): the success path sets $buyingbuddy_results_slug (line 351) while
// this path sets $results_slug -- one of the two is probably a typo; check which
// name the views read.
375 | $results_slug = """";
376 | }
377 |
// Builds the trial/purchase order strings handed to the vendor. This is the
// serialize()+base64 encoding whose counterpart is the unserialize() at line 228;
// presumably the vendor returns an extended form of this array in
// buyingbuddy_orderstr. Switching both sides to JSON would fix CVE-2025-31319
// without changing the data exchanged.
378 | $userinfo = wp_get_current_user();
379 | $userarr = array(
380 | ""domain"" => esc_url(get_site_url()),
381 | ""email"" => esc_html($userinfo->user_email),
382 | ""name"" => esc_html($userinfo->display_name)
383 | );
384 |
385 | $trialstr = base64_encode(serialize($userarr));
386 | $userarr[""purchase""] = 1;
387 | $purchasestr = base64_encode(serialize($userarr));
388 | $show_sidebar = 1;
389 |
// Chooses which view to render: options page (terms accepted + key set), install
// page (terms accepted, no key) or terms page.
390 | if (!empty($buyingbuddy_options[""accept_terms""]) && sanitize_text_field($buyingbuddy_options[""accept_terms""]) ==
391 | if (!empty($buyingbuddy_options[""acid""]) && sanitize_text_field($buyingbuddy_options[""acid""]) != """") {
392 | if (empty($buyingbuddy_options[""google_map_key""])) $buyingbuddy_options[""google_map_key""] = """";
393 | if (empty($buyingbuddy_options[""google_map""])) $buyingbuddy_options[""google_map""] = """";
394 | if (empty($buyingbuddy_options[""disable""])) $buyingbuddy_options[""disable""] = """";
395 | if (empty($buyingbuddy_options[""trial""])) $buyingbuddy_options[""trial""] = """";
396 | if (empty($buyingbuddy_options[""purchase""])) $buyingbuddy_options[""purchase""] = """";
397 |
398 | // get latest theme from LAC and clear rewrite rules
// NOTE(review): rewrite rules are flushed twice (global function and the
// $wp_rewrite method) on every render of the options page; this is expensive and
// usually reserved for activation/option changes.
399 | flush_rewrite_rules();
400 | $wp_rewrite->flush_rules();
401 |
402 | $urlarr = array (
403 | ""acid"" => esc_html($buyingbuddy_options[""acid""]),
404 | ""domain"" => sanitize_url($_SERVER['HTTP_HOST']),
405 | ""wp"" => esc_html(get_bloginfo(""version"")),
406 | ""wp_google_maps_key"" => sanitize_text_field($buyingbuddy_options[""google_map_key""]),
407 | ""plugin"" => sanitize_text_field($buyingbuddy_version)
408 | );
409 |
410 | $url = ""/api/account-info/get-domain-info/?"".http_build_query($urlarr);
411 | $vars = $buyingbuddyObj->getApiData($url, array());
// The API answer is expected as a ""~""-delimited string: theme id, then map key.
// $arr[1] is read without checking that the delimiter was present.
412 | if (!empty($vars)) {
413 | $arr = explode(""~"",$vars);
414 | $theme_id = sanitize_text_field($arr[0]);
415 | $google_map_key = sanitize_text_field($arr[1]);
416 | } else {
417 | $theme_id = """";
418 | $google_map_key = """";
419 | }
// NOTE(review): !empty($theme_id) is tested twice; the second test was presumably
// meant for $google_map_key, which is otherwise unused in the visible code.
420 | if (!empty($theme_id) && !empty($theme_id) && !empty($buyingbuddy_options[""acid""])) {
421 | update_option('buyingbuddy_theme_id', $theme_id);
422 | }
423 | require_once plugin_dir_path( __FILE__ ).'../views/settings_messages.php';
424 | require_once plugin_dir_path( __FILE__ ).'../views/settings_options.php';
425 | } else {
426 | $show_sidebar = """";
427 | require_once plugin_dir_path( __FILE__ ).'../views/settings_install.php';
428 | }
429 | } else {
430 | $show_sidebar = """";
431 | require_once plugin_dir_path( __FILE__ ).'../views/settings_terms.php';
432 | }
433 |
434 | }
435 |
436 | require_once plugin_dir_path( __FILE__ ).'../views/settings_footer.php';
437 |
438 | }
Our security policy
We have reserved the ID CVE-2025-31319 to refer to this issue from now on.
System Information
- Product: Buying Buddy IDX CRM - Real Estate MLS Plugin
- Version: 1.2.1
Mitigation
There is currently no patch available for this vulnerability. Until one is released, operators should make sure the plugin's settings page is reachable only by trusted administrators and treat links carrying a `buyingbuddy_orderstr` parameter with suspicion. The code-level fix is to stop passing that parameter to `unserialize()` — exchange the order data as JSON, or at minimum call `unserialize($data, ['allowed_classes' => false])` — and to protect that GET path with a nonce like the form handlers in the same function.
Credits
The vulnerability was discovered by Andres Roldan from Fluid Attacks' Offensive Team using Skims
Timeline

2025-03-14
Vulnerability discovered.

2025-03-14
Vendor contacted.