Open Redirect Vulnerability in Flexmls® IDX Product by flexmls
CVE-2025-67585

4.7MEDIUM

Key Information:

Vendor: WordPress
Status: Flexmls® Idx
Vendor: CVE Published:; 9 December 2025

What is CVE-2025-67585?

The Flexmls® IDX product is vulnerable to an Open Redirect issue that could allow attackers to redirect users to untrusted sites. This vulnerability exists in versions from n/a through 3.15.7. If exploited, it could facilitate phishing attacks, misleading users into providing sensitive information. Users should ensure their systems are updated to protect against this potential threat.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Flexmls® IDX <= n/a

References

https://patchstack.com/database/Wordpress/Plugin/flexmls-...

vdb-entry

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Dec 9, 2025
Vulnerability Reserved
Dec 9, 2025

Credit

Nabil Irawan | Patchstack Bug Bounty Program

JSON

WordPress

What is CVE-2025-67585?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.