
CVE-2025-28915 PoC — WordPress plugin ThemeEgg ToolKit Code Issue Vulnerability

Source
Associated Vulnerability
Title: WordPress plugin ThemeEgg ToolKit Code Issue Vulnerability (CVE-2025-28915)
Description: WordPress and WordPress plugins are products of the WordPress Foundation. WordPress is a blogging platform developed in PHP; it supports hosting personal blog sites on servers running PHP and MySQL. A WordPress plugin is an application add-on. WordPress plugin ThemeEgg ToolKit 1.2.9 and earlier contains a code issue vulnerability: it allows uploading files of dangerous types, which can lead to a web shell being uploaded.
Readme
# CVE-2025-28915
## Vulnerability Description
WordPress is a blogging platform developed in PHP; it supports hosting personal blog sites on servers running PHP and MySQL.

WordPress ThemeEgg ToolKit 1.2.9 and earlier contains a code issue vulnerability: it allows uploading files of dangerous types, which can lead to a web shell being uploaded.
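As an added defender's check (not part of the PoC repository or the plugin itself), the following Python script parses the header of a WordPress plugin's main PHP file and reports whether the declared version falls inside the affected range stated above (1.2.9 and earlier). The sample header is constructed; the `Version:` header line is assumed from the standard WordPress plugin header format.

```python
import re

# Upper bound of the affected range stated in the advisory: 1.2.9 and earlier.
LAST_AFFECTED = (1, 2, 9)

# Constructed sample of a WordPress plugin file header. Real plugins declare
# their version in a "Version:" line inside the header comment of the main PHP file.
SAMPLE_PLUGIN_HEADER = """<?php
/**
 * Plugin Name: ThemeEgg ToolKit
 * Version: 1.2.9
 */
"""


def parse_plugin_version(header_text):
    """Return the declared version as a tuple of ints, or None if no Version line exists."""
    match = re.search(r"^\s*\*?\s*Version:\s*([0-9][0-9.]*)", header_text, re.MULTILINE)
    if not match:
        return None
    return tuple(int(part) for part in match.group(1).strip(".").split("."))


def is_affected(version):
    """True when the version is within the affected range (<= 1.2.9).

    Tuple comparison handles short versions correctly: (1, 2) sorts before
    (1, 2, 9) and (1, 3) after it, and (1, 2, 9, 1) is treated as a later release.
    """
    return tuple(version) <= LAST_AFFECTED


def assess(header_text):
    """Classify a plugin header as 'affected', 'not affected' or 'unknown'."""
    version = parse_plugin_version(header_text)
    if version is None:
        return "unknown"
    return "affected" if is_affected(version) else "not affected"


def assess_file(path):
    """Assess the main plugin file on disk, e.g. wp-content/plugins/themeegg-toolkit/*.php."""
    with open(path, encoding="utf-8", errors="replace") as handle:
        # The header comment sits at the top of the file; 8 KiB is plenty.
        return assess(handle.read(8192))


if __name__ == "__main__":
    print(assess(SAMPLE_PLUGIN_HEADER))
```

Run `assess_file()` against each installed copy of the plugin and patch or remove any that reports `affected`.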

## Environment Setup
```
docker pull wordpress
```

Legacy plugin release: https://github.com/themeegg/themeegg-toolkit/releases/tag/1.2.4

Install the plugin at: http://URL/wp-admin/plugin-install.php
![image](https://github.com/user-attachments/assets/03559b12-8b58-4c1f-a005-e24c094808c3)


## Reproduction
Optimised from the project https://github.com/Nxploited/CVE-2025-28915

```
pip install requests beautifulsoup4
```

```
python -u http://127.0.0.1 -un username -p password
```

Do not include a trailing "/" in the URL.
![image](https://github.com/user-attachments/assets/12dfc07e-db6d-4a3b-a54e-5bc5dcb0e3f6)

![image](https://github.com/user-attachments/assets/4e25a3d1-1498-491a-905e-bfb0f3ca5920)
File Snapshot

```
[4.0K] /data/pocs/a66d6dc0253fda869a5d4da2fb151337138568ef
├── [4.3K] CVE-2025-28915.py
└── [ 987] README.md

0 directories, 2 files
```