来源

关联漏洞

描述

Advanced scanner and PoC for CVE-2025-26909 in Hide My WP Ghost

介绍

<img src="https://raw.githubusercontent.com/issamjr/CVE-2025-26909-Scanner/refs/heads/main/file_00000000bc8c622f812f7390bb5235c7.png" />
# CVE-2025-26909 Vulnerability Scanner

A Python-based scanner and proof-of-concept script for detecting CVE-2025-26909 in WordPress plugin "Hide My WP Ghost" by Issam Junior.

## 🔍 Vulnerability Overview
**CVE-2025-26909** is a critical Local File Inclusion (LFI) vulnerability found in versions <= 5.4.01 of the "Hide My WP Ghost" plugin. This flaw allows attackers to read arbitrary files on the server by abusing improperly validated file path inputs.

## 💥 Impact
Attackers may exploit this flaw to:
- View sensitive files such as `/etc/passwd`, `wp-config.php`.
- Execute remote PHP code using LFI chains if combined with other misconfigurations.

## 🛡️ Mitigation
- Update the plugin to version **5.4.02 or newer**.
- Disable the “Change Paths” feature if it is not needed.
- Apply file inclusion filtering and file access hardening (AppArmor, chroot, etc).

## 🚀 Usage

### 1. Clone the tool
```bash
git clone https://github.com/issamjr/CVE-2025-26909-Scanner.git
cd CVE-2025-26909-Scanner
```

### 2. Install dependencies
```bash
pip install -r requirements.txt
```

### 3. Run the scanner
```bash
python3 scanner.py http://example.com/
```

## 📁 Output Format
- `[+]` Vulnerable
- `[-]` Not Vulnerable
- `[*]` Checking
- `[!]` Errors

## 👨‍💻 Author
- Issam Junior
- Telegram: [@issamiso](https://t.me/issamiso)
- GitHub: [issamjr](https://github.com/issamjr)

文件快照

 [4.0K]  /data/pocs/7b1280af0ae8100dddda41c1fc7ea94bbcbfa03c
├── [2.1M]  file_00000000bc8c622f812f7390bb5235c7.png
├── [1.5K]  README.md
├── [  17]  requirements.txt
└── [2.4K]  scanner.py

0 directories, 4 files

备注