9.8
/ 10
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description
# CVE-2025-6934 – WordPress Opal Estate Pro Exploit
📖 Description
This repository contains a **Proof of Concept (PoC) exploit** for **CVE-2025-6934**,
a critical vulnerability in **WordPress Plugin: Opal Estate Pro <= 1.7.5**, allowing **unauthenticated administrator account creation**.
⚠️ **Disclaimer**: This tool is provided for **educational and security research purposes only**.
The author is **not responsible** for any misuse or damage caused.
---
## 🚀 Features
- Automatic detection of plugin version from `readme.txt`
- Nonce extraction for registration
- Exploits vulnerable AJAX endpoint
- Creates a new **administrator account**
---
## 🔧 Installation
Clone the repo and install dependencies:
```bash
git clone https://github.com/0xgh057r3c0n/CVE-2025-6934.git
cd CVE-2025-6934
pip3 install -r requirements.txt
````
**requirements.txt**
```
requests
beautifulsoup4
colorama
```
---
## ▶️ Usage
Run the script with your target:
```bash
python3 CVE-2025-6934.py -u http://target.com/ -mail [email protected] -password MySecurePass123 -user newadmin
```
✅ Example Output:
```
[✔] Exploit Successful!
Username : newadmin
Email : [email protected]
Password : MySecurePass123
Role : administrator
```
---
## 📸 Screenshot
---
## 🛡️ Mitigation
* Update to the **latest version** of the plugin
* Or disable the vulnerable plugin immediately
* Monitor WordPress logs for unauthorized account creation
---
## 👤 Author
**Gaurav Bhattacharjee** (0xgh057r3c0n)
---
## 📜 License
This project is licensed under the **MIT License** – see the [LICENSE](LICENSE) file for details.
📖 Description
This repository contains a **Proof of Concept (PoC) exploit** for **CVE-2025-6934**,
a critical vulnerability in **WordPress Plugin: Opal Estate Pro <= 1.7.5**, allowing **unauthenticated administrator account creation**.
⚠️ **Disclaimer**: This tool is provided for **educational and security research purposes only**.
The author is **not responsible** for any misuse or damage caused.
---
## 🚀 Features
- Automatic detection of plugin version from `readme.txt`
- Nonce extraction for registration
- Exploits vulnerable AJAX endpoint
- Creates a new **administrator account**
---
## 🔧 Installation
Clone the repo and install dependencies:
```bash
git clone https://github.com/0xgh057r3c0n/CVE-2025-6934.git
cd CVE-2025-6934
pip3 install -r requirements.txt
````
**requirements.txt**
```
requests
beautifulsoup4
colorama
```
---
## ▶️ Usage
Run the script with your target:
```bash
python3 CVE-2025-6934.py -u http://target.com/ -mail [email protected] -password MySecurePass123 -user newadmin
```
✅ Example Output:
```
[✔] Exploit Successful!
Username : newadmin
Email : [email protected]
Password : MySecurePass123
Role : administrator
```
---
## 📸 Screenshot
---
## 🛡️ Mitigation
* Update to the **latest version** of the plugin
* Or disable the vulnerable plugin immediately
* Monitor WordPress logs for unauthorized account creation
---
## 👤 Author
**Gaurav Bhattacharjee** (0xgh057r3c0n)
---
## 📜 License
This project is licensed under the **MIT License** – see the [LICENSE](LICENSE) file for details.
Basic Information
ID
65FAD546-0AA8-531B-9227-B4AAD843EB1B
Published
Aug 16, 2025 at 12:12
Modified
Aug 18, 2025 at 16:37