CVE-2025-32583 PoC — WordPress plugin PDF 2 Post 代码注入漏洞

Source

https://github.com/GadaLuBau1337/CVE-2025-32583

Associated Vulnerability

Title:WordPress plugin PDF 2 Post 代码注入漏洞 (CVE-2025-32583)
Description:WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin PDF 2 Post 2.4.0及之前版本存在代码注入漏洞，该漏洞源于代码生成控制不当，可能导致远程代码包含。

Readme


# 🚨 CVE-2025-32583 — WordPress PDF 2 Post RCE Exploit

> **CRITICAL Vulnerability**  
> **CVE-ID:** CVE-2025-32583  
> **Severity:** 9.9 (CRITICAL)  
> **CVSS Vector:** `CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H`  

---

## 📖 Description

A vulnerability in the **PDF 2 Post** WordPress plugin (developed by termel) allows **Remote Code Inclusion (RCE)** due to **Improper Control of Generation of Code**.  
Affected versions: `<= 2.4.0`

The flaw allows **authenticated users** (even low-privilege users) to upload a `.zip` containing PHP code. Once extracted by the plugin, the malicious PHP file may be executed remotely via a public-facing uploads directory.

---

## ⚙️ Features

- ✅ Automatically generates malicious `gadalubau.zip`
- ✅ Logs in using WordPress credentials
- ✅ Extracts dynamic `nonce` token
- ✅ Uploads the payload
- ✅ Clean terminal output with status indicators

---

## 📂 Shell Location

Once the payload is uploaded, the PHP shell will be extracted into the WordPress uploads folder.  
🛠️ **Default path:**
```
/wp-content/uploads/YYYY/MM/gadalubau.php
```
For example, if exploited in **May 2025**, the URL would be:
```
http://target-site.com/wp-content/uploads/2025/05/gadalubau.php
```
🕓 WordPress automatically organizes uploads by **year/month**, so ensure you check the correct folder based on the current date.

---

## 🧪 Usage

```bash
python CVE-2025-32583.py --help
```

### Example:
```bash
python CVE-2025-32583.py -u http://target-site.com/wordpress -un admin -p admin
```

---

## 💡 Sample Output

```
Exploit By: GadaLuBau (GadaLuBau1337)
[+] Payload gadalubau.zip created successfully.
[+] Logged in successfully.
[+] Found nonce: 3c3e8fff7c
[+] Payload uploaded.
```

---

## 📁 Script Name

```bash
CVE-2025-32583.py
```

---

## ⚠️ Disclaimer

This tool is intended **strictly for educational and authorized penetration testing purposes**.  
Any misuse of this code for unauthorized activities is strictly prohibited.  
The author bears **no responsibility** for any damage or misuse.

---

*By: GadaLuBau (GadaLuBau1337)*

File Snapshot


 [4.0K]  /data/pocs/2cb48244746702b2d50187b01406351d26ddd1cb
├── [3.7K]  CVE-2025-32583.py
├── [2.1K]  README.md
└── [  24]  requirements.txt

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!