漏洞平台

POC详情： 132f1b2be4f836a20a9edfc8e1834e2ea600c9ff

来源

https://github.com/0xgh057r3c0n/CVE-2025-3102

关联漏洞

标题： WordPress plugin SureTriggers 安全漏洞 (CVE-2025-3102)
描述：WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin SureTriggers 1.0.78及之前版本存在安全漏洞，该漏洞源于认证绕过，可能导致管理员账户创建。

描述

SureTriggers <= 1.0.78 - Authorization Bypass Exploit

介绍

# SureTriggers <= 1.0.78 - Authorization Bypass Exploit

This tool exploits an **authorization bypass vulnerability** in the SureTriggers WordPress plugin (versions <= 1.0.78), allowing unauthenticated attackers to create new WordPress user accounts.

> 🔥 Developed by [0xgh057r3c0n](https://github.com/0xgh057r3c0n)

---

## 📌 Vulnerability Details

- **Plugin Name:** SureTriggers
- **Affected Versions:** <= 1.0.78
- **CVE:** Pending
- **Vulnerability Type:** Authorization Bypass → Unauthenticated User Creation
- **Attack Vector:** Remote (unauthenticated HTTP POST request)
- **Impact:** Allows arbitrary user registration with attacker-defined credentials.

---

## ⚙️ Features

- Automatically fetches and verifies the installed plugin version
- Bypasses authorization and creates a new WordPress user
- Customizable email, username, and password via CLI
- Color-coded terminal output
- Default credentials available for fast testing

---

## 🚀 Usage

### 🔧 Requirements

- Python 3.x
- Modules: `requests`, `colorama`

Install dependencies:

```bash
pip3 install -r requirements.txt
````

Or manually:

```bash
pip3 install requests colorama
```

---

### 🛠️ Running the Exploit

```bash
python3 CVE-2025-3102.py -u <target_url> [--newmail <email>] [--newuser <username>] [--newpassword <password>]
```

#### 🔍 Example:

```bash
python3 CVE-2025-3102.py -u https://target-site.com --newuser hacker --newpassword Pass123!
```

---

## 📋 Options

| Argument        | Description                    | Default                                                                   |
| --------------- | ------------------------------ | ------------------------------------------------------------------------- |
| `-u`, `--url`   | Base URL of the WordPress site | *Required*                                                                |
| `--newmail`     | Email address for the new user | [gauravbhattacharjee54@gmail.com](mailto:gauravbhattacharjee54@gmail.com) |
| `--newuser`     | Username to create             | 0xgh057r3c0n                                                              |
| `--newpassword` | Password for the new user      | Wiz007\@8876@                                                             |

---

## 🧠 How It Works

1. Checks the plugin version by reading `readme.txt`.
2. Constructs a special request to `wp-json/sure-triggers/v1/automation/action`.
3. Sends a POST request to create a user, exploiting the missing authentication.
4. Displays success or failure with credential info.

---

## ⚠️ Disclaimer

> This tool is provided for **educational and authorized penetration testing purposes only**.
> **Unauthorized access to systems is illegal** and punishable under law.
> The author is not responsible for any misuse or damage caused.

---

## 📞 Author

* **Name:** Gaurav Bhattacharjee (aka 0xgh057r3c0n)
* **GitHub:** [github.com/0xgh057r3c0n](https://github.com/0xgh057r3c0n)
* **Email:** [gauravbhattacharjee54@gmail.com](mailto:gauravbhattacharjee54@gmail.com)
* **LinkedIn:** [linkedin.com/in/gaurav-bhattacharjee](https://www.linkedin.com/in/gaurav-bhattacharjee/)

---

文件快照


 [4.0K]  /data/pocs/132f1b2be4f836a20a9edfc8e1834e2ea600c9ff
├── [4.8K]  CVE-2025-3102.py
├── [1.1K]  LICENSE
├── [3.1K]  README.md
└── [  18]  requirements.txt

0 directories, 4 files

神龙机器人已为您缓存

备注

1. 建议优先通过来源进行访问。

2. 如果因为来源失效或无法访问，请发送邮箱到 f.jinxu#gmail.com 索取本地快照（把 # 换成 @）。

3. 神龙已为您对POC代码进行快照，为了长期维护，请考虑为本地POC付费，感谢您的支持。