PoC details: 52907b1a5fdc4706b2c20a22ce4e6f948843dfa5

Source
Related vulnerability
Title: WordPress plugin Drag and Drop Multiple File Upload for Contact Form code issue vulnerability (CVE-2025-3515)
Description: WordPress and WordPress plugins are products of the WordPress Foundation. WordPress is a blogging platform developed in PHP; it supports hosting a personal blog site on a server running PHP and MySQL. A WordPress plugin is an application plugin. WordPress plugin Drag and Drop Multiple File Upload for Contact Form 7 versions 1.3.8.9 and earlier contain a code issue vulnerability that stems from insufficient file type validation, which may allow an unauthenticated attacker to upload dangerous file types such as .phar
Description
CVE-2025-3515 WordPress lab for Drag and Drop Multiple File Upload for CF7: Dockerized PoC & Nuclei testing
Introduction
# CVE-2025-3515 WordPress Lab (Drag and Drop Multiple File Upload for Contact Form 7)

Spin up a vulnerable WordPress environment to reproduce and validate CVE-2025-3515 — unrestricted file upload via `ddmu_upload_file` in the plugin `drag-and-drop-multiple-file-upload-contact-form-7` (≤ 1.3.8.9). This lab is Dockerized for quick, deterministic testing with Nuclei.

- Vulnerable plugin: `drag-and-drop-multiple-file-upload-contact-form-7` v1.3.8.9
- Core dependency: Contact Form 7 (auto-installed)
- Endpoint of interest: `/wp-admin/admin-ajax.php?action=ddmu_upload_file`

## Quickstart

1. Start the lab

```bash
docker compose up -d
```

2. Wait 15-45 s for initialization, then confirm WordPress is reachable:

```bash
curl -I http://localhost:8080/wp-login.php | head -n1
```

3. Run the Nuclei PoC template from the repo root:

```bash
nuclei -u http://localhost:8080 -t http/cves/2025/CVE-2025-3515.yaml -vv -debug
```

Containerized alternative (uses the same docker network):

```bash
docker run --rm --network lab-cve-2025-3515_default \
  -v "$(pwd)":/workspace \
  projectdiscovery/nuclei:latest \
  -u http://wordpress \
  -t /workspace/http/cves/2025/CVE-2025-3515.yaml -vv -debug
```

### Credentials

- WP Admin: admin / admin

### Notes

- This lab demonstrates arbitrary file upload and code execution under Apache + mod_php style containers. The included Nuclei template uploads a short PHP payload that self-deletes after echoing a marker for verification.
- For safety, only run against local or authorized targets.
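For anyone running this lab on the blue-team side, the useful artefact is the web-server log: the vulnerable action is reached through `admin-ajax.php?action=ddmu_upload_file`, and a successful exploit is followed by a request for a script (`.phar`, `.php`, ...) under `wp-content/uploads/`. The following detector is an added example written for this page, not code from the lab repository or the plugin; it assumes Apache "combined" access-log lines (constructed samples below), and the list of script extensions beyond `.phar` is an assumption about common mod_php handler aliases. It flags upload calls, script fetches from the uploads tree, and the two in sequence from one client.

```python
import os
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional
from urllib.parse import parse_qs, urlsplit

# Extensions a mod_php container would execute if they land in wp-content/uploads.
# .phar is the type named in the advisory; the rest are common handler aliases (assumption).
SCRIPT_EXTENSIONS = {".php", ".phar", ".phtml", ".php5", ".php7", ".phps"}

UPLOAD_ACTION = "ddmu_upload_file"          # vulnerable admin-ajax action from the lab README
UPLOADS_PREFIX = "/wp-content/uploads/"     # default WordPress uploads tree

# Apache "combined" log format (assumed). Only the fields the rules need are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines (not from any real server). 203.0.113.5 performs the
# upload call and then fetches the uploaded script; 198.51.100.7 is benign traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/May/2025:12:00:01 +0000] "GET /wp-login.php HTTP/1.1" 200 4521 "-" "curl/8.4.0"',
    '203.0.113.5 - - [10/May/2025:12:00:02 +0000] "POST /wp-admin/admin-ajax.php?action=ddmu_upload_file HTTP/1.1" 200 312 "-" "curl/8.4.0"',
    '203.0.113.5 - - [10/May/2025:12:00:03 +0000] "GET /wp-content/uploads/2025/05/marker.phar HTTP/1.1" 200 19 "-" "curl/8.4.0"',
    '198.51.100.7 - - [10/May/2025:12:00:04 +0000] "POST /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 88 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/May/2025:12:00:05 +0000] "GET /wp-content/uploads/2025/05/photo.jpg HTTP/1.1" 200 51200 "-" "Mozilla/5.0"',
]


@dataclass
class Finding:
    ip: str
    ts: str
    kind: str
    target: str


def parse_line(line: str) -> Optional[dict]:
    """Return the captured fields of one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def is_ddmu_upload_call(method: str, target: str) -> bool:
    """POST to admin-ajax.php whose query string selects the vulnerable upload action.
    Caveat: if the action is sent only in the POST body it is invisible in access logs;
    catching that needs a WAF or application-level log instead."""
    parts = urlsplit(target)
    if method != "POST" or not parts.path.endswith("/wp-admin/admin-ajax.php"):
        return False
    return UPLOAD_ACTION in parse_qs(parts.query).get("action", [])


def is_script_under_uploads(target: str) -> bool:
    """Any request for a script-like file inside the uploads tree; that tree should only serve media."""
    path = urlsplit(target).path
    if not path.startswith(UPLOADS_PREFIX):
        return False
    return os.path.splitext(path)[1].lower() in SCRIPT_EXTENSIONS


def scan(lines: Iterable[str]) -> List[Finding]:
    """Apply both rules and correlate them per client IP, in log order."""
    findings: List[Finding] = []
    uploaders = set()  # IPs that have already hit the upload action earlier in the log
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        ip, ts, method, target = rec["ip"], rec["ts"], rec["method"], rec["target"]
        if is_ddmu_upload_call(method, target):
            findings.append(Finding(ip, ts, "ddmu_upload_call", target))
            uploaders.add(ip)
        elif is_script_under_uploads(target):
            findings.append(Finding(ip, ts, "script_fetch_under_uploads", target))
            if ip in uploaders:
                # Upload call followed by a script fetch from the same client: treat as likely exploitation.
                findings.append(Finding(ip, ts, "upload_then_script_fetch", target))
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f.ts}  {f.ip:<14} {f.kind:<28} {f.target}")
```

Point the script at the Apache access log of the `wordpress` container (`docker compose logs wordpress`, or the log file inside the container) after running the Nuclei template, and the three findings for the scanner's IP should appear. The same rules translate directly into a SIEM query; the correlated `upload_then_script_fetch` finding is the one worth alerting on, since the bare upload call also fires on legitimate form submissions from sites that use the plugin.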

### Tags / Topics

wordpress, contact-form-7, drag-and-drop-multiple-file-upload-contact-form-7, ddmu_upload_file, arbitrary file upload, rce, nuclei, docker lab, security research, CVE-2025-3515
File snapshot

[4.0K] /data/pocs/52907b1a5fdc4706b2c20a22ce4e6f948843dfa5
├── [1.2K] docker-compose.yml
├── [1.7K] README.md
└── [4.0K] scripts
    └── [3.8K] wp-init.sh
1 directory, 3 files