WordPress File Manager plugin contains a remote code execution vulnerability that allows unauthenticated users to execute PHP code and upload malicious files on a target site.
PoC: wp-file-manager-CVE-2020-25213
https://medium.com/@mansoorr/exploiting-cve-2020-25213-wp-file-manager-wordpress-plugin-6-9-3f79241f0cd8
PoC: WPKiller
CVE-2020-25213 Wordpress File Manager 6.7 Plugin 0day exploit
PoC: wp-file-manager-exploit-CVE-2020-25213-with-Zerologon
Exploit Windows server 2019 vulnerable to Zerologon with Garble, Chisel, wp-file-manager vulnerability (have video demo)
PoC: wordpress-rce-vapt-cve-2020-25213
Educational cybersecurity project demonstrating exploitation and mitigation of CVE-2020-25213 (WordPress File Manager Plugin RCE). Includes malware simulation, VAPT analysis, and security patch implementation in a controlled lab environment.
PoC: Python-CVE-2020-25213
Python Interactive Exploit for WP File Manager Vulnerability. The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension.
PoC: Python-exploit-CVE-2020-25213
Python exploit for RCE in Wordpress
PoC: CVE-2020-25213-wordpress-wp-file-manager-fileupload
WordPress的文件管理器插件(wp-file-manager)6.9版本之前存在安全漏洞,该漏洞允许远程攻击者上传和执行任意PHP代码。
PoC: Wordpress-CVE-2020-25213
Will write a python script for exploiting this vulnerability
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free