
PoC details: ad0abb002321b3e1dbbed404fac9105d9ab936f3

Related vulnerability
Title: WordPress plugin WooCommerce Designer Pro code issue vulnerability (CVE-2025-6440)
Description: WordPress and WordPress plugins are products of the WordPress Foundation. WordPress is a blog platform written in PHP that lets a user set up a personal blog site on a server running PHP and MySQL. A WordPress plugin is an application plugin. The WordPress plugin WooCommerce Designer Pro 1.9.26 and earlier contains a code issue vulnerability: the wcdp_save_canvas_design_ajax function lacks file type validation, which may lead to arbitrary file upload and remote code execution.
Description
WooCommerce Designer Pro <= 1.9.26 - Unauthenticated Arbitrary File Upload
Introduction
# CVE-2025-6440
WooCommerce Designer Pro <= 1.9.26 - Unauthenticated Arbitrary File Upload

# 🚀 WooCommerce Designer Pro <= 1.9.26 - Unauthenticated Arbitrary File Upload Exploit
> **CVE:** CVE-2025-6440  
> **CVSS:** 9.8 (Critical)

![Script Banner](https://github.com/Nxploited/CVE-2025-6440/blob/main/Mass1.png)

---

## 📝 Description

The **WooCommerce Designer Pro** plugin for WordPress, widely used (especially in themes such as *Pricom - Printing Company & Design Services*), is vulnerable to **arbitrary file uploads** due to a lack of proper file type validation in the `wcdp_save_canvas_design_ajax` function in all versions up to and including `1.9.26`.  
This potentially allows unauthenticated attackers to upload **any file type** to the server, enabling remote code execution and full site takeover.
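The root cause stated above is a save handler that writes whatever the client sends, under whatever name and extension the client chooses. The following is an added, hypothetical illustration of that defect class and its fix; it is not code from the WooCommerce Designer Pro plugin, and the hook name, the upload field name `design`, the storage directory `wcdp-designs` and the nonce action are assumptions. The hardened handler requires an authenticated caller with a valid nonce, allowlists the file type by extension and by content, chooses the on-disk name itself, and denies script execution in the directory it writes to.

```php
<?php
/**
 * Added, hypothetical example: NOT code from the WooCommerce Designer Pro plugin.
 * It contrasts a save handler that trusts the uploaded name and bytes (the defect
 * class described for wcdp_save_canvas_design_ajax) with a hardened version.
 * Hook name, field name, directory name and nonce action are assumptions.
 */

// --- Unsafe pattern (illustration only): client controls the extension, so a
//     script file can land inside the web root and be requested directly. ---
function hypothetical_unsafe_save_design() {
    $upload = wp_upload_dir();
    $target = $upload['basedir'] . '/designs/' . $_FILES['design']['name'];
    move_uploaded_file( $_FILES['design']['tmp_name'], $target );
    wp_send_json_success( array( 'url' => $upload['baseurl'] . '/designs/' . $_FILES['design']['name'] ) );
}

// --- Hardened handler. ---
function hypothetical_safe_save_design() {
    // 1. Authenticated callers only, and a nonce bound to this action.
    if ( ! is_user_logged_in() ) {
        wp_send_json_error( 'authentication required', 401 );
    }
    check_ajax_referer( 'hypothetical_save_design', 'nonce' );

    if ( empty( $_FILES['design'] ) || UPLOAD_ERR_OK !== $_FILES['design']['error'] ) {
        wp_send_json_error( 'no file', 400 );
    }
    $tmp = $_FILES['design']['tmp_name'];
    if ( ! is_uploaded_file( $tmp ) ) {
        wp_send_json_error( 'invalid upload', 400 );
    }

    // 2. Allowlist by extension AND by content. wp_check_filetype_and_ext() checks
    //    the name against $allowed and sniffs the bytes; both must agree.
    $allowed = array( 'png' => 'image/png', 'jpg|jpeg' => 'image/jpeg' );
    $check   = wp_check_filetype_and_ext( $tmp, sanitize_file_name( $_FILES['design']['name'] ), $allowed );
    if ( empty( $check['ext'] ) || empty( $check['type'] ) ) {
        wp_send_json_error( 'only PNG or JPEG designs are accepted', 415 );
    }
    // Belt and braces: the payload must actually decode as an image.
    if ( false === @getimagesize( $tmp ) ) {
        wp_send_json_error( 'not an image', 415 );
    }

    // 3. The server chooses the on-disk name; the client name never reaches disk.
    $upload = wp_upload_dir();
    $dir    = trailingslashit( $upload['basedir'] ) . 'wcdp-designs';
    if ( ! wp_mkdir_p( $dir ) ) {
        wp_send_json_error( 'storage error', 500 );
    }
    // 4. Deny script execution in the design directory (Apache 2.4 syntax;
    //    configure the nginx equivalent in the server block).
    $htaccess = $dir . '/.htaccess';
    if ( ! file_exists( $htaccess ) ) {
        file_put_contents( $htaccess, "<FilesMatch \"\\.(php|phtml|phar)$\">\n  Require all denied\n</FilesMatch>\n" );
    }
    $name = wp_unique_filename( $dir, 'design-' . get_current_user_id() . '-' . time() . '.' . $check['ext'] );
    if ( ! move_uploaded_file( $tmp, $dir . '/' . $name ) ) {
        wp_send_json_error( 'write failed', 500 );
    }
    wp_send_json_success( array( 'url' => trailingslashit( $upload['baseurl'] ) . 'wcdp-designs/' . $name ) );
}
// Registered for logged-in users only: deliberately no wp_ajax_nopriv_ hook.
add_action( 'wp_ajax_hypothetical_save_design', 'hypothetical_safe_save_design' );
```

Two of the four controls matter independently of the others: even if the type check were bypassed, the server-chosen name with a fixed image extension and the execution-denied directory keep an uploaded file from running as PHP. When auditing a plugin for this defect, look for `move_uploaded_file`, `file_put_contents` or `wp_upload_bits` calls whose target path or extension derives from request data, and for `wp_ajax_nopriv_` registrations of handlers that write files.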

---

## ⚠️ Strong Warning

> **NOTE:**  
> Please be extremely vigilant regarding unethical actors.  
> There are individuals who take disclosed vulnerabilities like this, then **sell the exploit, add backdoors, or intentionally harm others.**  
> Always download exploits and scripts from trusted and official sources.  
> **Protect yourself and your team from trojans, backdoors, and malicious payloads disguised as legitimate tools.**  
> If you see this script being sold or used maliciously, report it immediately.  
> You are solely responsible for any misuse or unauthorized deployment.

---

## 👤 Author & Support

- **Telegram Channel:** [@KNxploited](https://t.me/KNxploited)
- **Personal Telegram:** [https://t.me/KNxploited](https://t.me/KNxploited)
- **GitHub:** [https://github.com/Nxploited](https://github.com/Nxploited)

---

## 🌟 Key Features

- **Mass Exploitation**  
  Upload your shell to hundreds/thousands of vulnerable WordPress sites at once.

- **Modern & Professional Console UI**  
  Rich colorized banners, info boxes, and progress meters using the advanced `rich` library.

- **Multi-threaded Performance**  
  Supports fast parallel exploitation via configurable threads for maximum speed.

- **Smart Target List Parsing**  
  Automatically fixes URL formats. Just paste sites — the script prepares them for attack.

- **Automated Vulnerability Check**  
  Only attempts exploitation on truly vulnerable targets (via dual AJAX and asset checks).

- **Auto Shell Upload & Link Logging**  
  All successful uploads and direct shell URLs are recorded for easy later review.

- **Resilient Internet Handling**  
  Pauses and resumes automatically if internet connection drops.

- **Clear Success & Error Handling**  
  Informative, color-coded panels for each possible outcome — no guesswork!

- **Customizable & User-friendly**  
  Define your own targets file and thread count interactively from the start.

---

## 🛠️ Requirements

- **Python 3.7+**  
- Required libraries:  
  - `requests`  
  - `rich`  
  - `urllib3`
- You can install dependencies using:
  ```bash
  pip install requests rich urllib3
  ```
- *Your shell file*, named `shell.php` (to be uploaded to the target).

---

## 🔥 How to Use

1. **Prepare Folder**  
   - Place these files together:
     - `CVE-2025-6440.py` *(the script)*
     - `shell.php` *(the webshell to upload)*
     - `list.txt` *(targets list: one site per line)*

2. **Run the Script**
   ```bash
   python CVE-2025-6440.py
   ```
   - You will be prompted for:
     - The targets file name (default: `list.txt`)
     - Number of threads (e.g., `10`)

3. **Results**
   - Successfully exploited sites will be saved in:
     - `success_results.txt` *(target URL + shell path)*
     - `uploaded_shells.txt` *(shell URLs)*

4. **Example**
   ```text
   [list.txt]
   example.com
   https://victimsite.com
   demo.wordpress.net
   ```
   > The script will normalize URLs and handle all the rest!

---

## 📜 Disclaimer

> **This script is provided for testing and educational purposes only.**  
>  
> The author (Nxploited) assumes no responsibility for any misuse, illegal activity, or damage resulting from the use of this code.  
>  
> **Do NOT use against systems without EXPLICIT permission. Unauthorized access is illegal.**  
>  
> Always act ethically and responsibly.

---

## 🧑‍💻 By: Nxploited (Khaled Alenazi)

- Telegram: [@KNxploited](https://t.me/KNxploited)
- GitHub: [Nxploited](https://github.com/Nxploited)
File snapshot

```text
[4.0K] /data/pocs/ad0abb002321b3e1dbbed404fac9105d9ab936f3
├── [ 13K] CVE-2025-6440.py
├── [1.5K] LICENSE
├── [ 32K] Mass1.png
├── [4.2K] README.md
└── [  22] requirements.txt

1 directory, 5 files
```

Cached for you by the Shenlong bot.

Notes
    1. Prefer to access the PoC through the source link.
    2. If the source is no longer available or cannot be reached, email f.jinxu#gmail.com (replace # with @) to request the local snapshot.
    3. Shenlong has snapshotted the PoC code for you; to support long-term maintenance, please consider paying for the local PoC. Thank you for your support.