AdForest <= 6.0.9 - Authentication Bypass to Admin# CVE-2025-8359
AdForest <= 6.0.9 - Authentication Bypass to Admin
# 🚨 AdForest <= 6.0.9 - Authentication Bypass to Admin
## 📦 Repository
> **Repo:** [Nxploited/CVE-2025-8359](https://github.com/Nxploited/CVE-2025-8359)
> **Exploit Script:** `CVE-2025-8359.py`
---
## 📋 Description
> **CVE:** CVE-2025-8359
> **Vulnerability Type:** Authentication Bypass
> **Affected Product:** [AdForest - Classified Ads WordPress Theme](https://themeforest.net/item/adforest-classified-ads-wordpress-theme/19481695)
> **Affected Versions:** Up to and including 6.0.9
> **CVSS Score:** **9.8 (Critical)**
The AdForest theme for WordPress is vulnerable to an **Authentication Bypass** flaw in all versions up to 6.0.9.
Due to improper validation of user identity during authentication, an unauthenticated attacker can log in as **any user**, including administrators—without needing a password. This allows full compromise of WordPress sites using AdForest.
---
## 🛠️ Script Overview
This repository contains a professional Python exploit script: `CVE-2025-8359.py`
The script automates exploitation, intelligently testing all possible phone number formats to maximize success.
It can authenticate as any user (including admin) and recover valid WordPress login cookies for hijacking sessions.
**Key Features:**
- Multi-variant phone format testing (`+`, spaces, encoding, etc).
- Auto-detection of user ID from server response.
- Robust session and error handling.
- Clear output with admin cookie extraction.
---
## 🚀 Usage
1. **Clone the repository:**
```bash
git clone https://github.com/Nxploited/CVE-2025-8359.git
cd CVE-2025-8359
```
2. **Install dependencies:**
```bash
pip install requests
```
3. **Run the exploit script:**
```bash
python CVE-2025-8359.py -u "http://target.com/wordpress" -p "+966 555 555 555" -i 1
```
- `-u` : Base URL of WordPress installation.
- `-p` : Target user's phone number (as stored in DB).
- `-i` : Target user ID (e.g., `1` for admin).
- `-n` : Name value (optional, default "test").
4. **Show script help:**
```bash
python CVE-2025-8359.py -h
```
---
## 📦 Requirements
- Python 3.7+
- [`requests`](https://pypi.org/project/requests/)
Install via: `pip install requests`
---
## 🧾 Valid Output
- **If exploitation is successful:**
```
[+] Logged in! Cookie: wordpress_logged_in_xxxxxx=xxxxxxx
```
You have a valid WordPress authentication cookie for the target user.
- **If all formats fail:**
```
[-] All variants failed. Try other phone formats or check the database.
```
---
## 🍪 Cookie Usage
Once exploitation is successful, the script prints the recovered authentication cookie.
**How to use the cookie:**
- Copy the `wordpress_logged_in_...` value.
- Inject the cookie into your browser session (using a browser extension, or DevTools).
- Visit `/wp-admin/` on the target site. If the exploit succeeded, you will have admin access.
**Example (with Chrome extension):**
1. Install "EditThisCookie" or similar.
2. Add the cookie for your target site:
- Name: `wordpress_logged_in_xxxxxx`
- Value: `xxxxxxx` (as printed by the script)
3. Refresh the page for admin access.
---
## ⚠️ Disclaimer
This project and exploit are for **educational and authorized penetration testing purposes only**.
The author is **not responsible** for any misuse or damage caused by this exploit.
Always obtain proper permission before testing any systems.
---
## ✨ By: _**Nxploited ( Khaled Alenazi )**_
[4.0K] /data/pocs/1bf582defe52ee2541277fd185e22d279588ccd7
├── [3.9K] CVE-2025-8359.py
├── [1.5K] LICENSE
├── [3.5K] README.md
└── [ 17] requirements.txt
1 directory, 4 files