Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-25094 PoC — Tatsu < 3.3.12 - Unauthenticated RCE

Source
https://github.com/experimentalcrow1/TypeHub-Exploiter
Associated Vulnerability
Title:Tatsu < 3.3.12 - Unauthenticated RCE (CVE-2021-25094)
Description:The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior authentication to upload a rogue zip file which is uncompressed under the WordPress's upload directory. By adding a PHP shell with a filename starting with a dot ".", this can bypass extension control implemented in the plugin. Moreover, there is a race condition in the zip extraction process which makes the shell file live long enough on the filesystem to be callable by an attacker.
Description
This script exploits a vulnerability (CVE-2021-25094) in the TypeHub WordPress plugin.
Readme
# TypeHub Exploiter
This script exploits a vulnerability (CVE-2021-25094) in the TypeHub WordPress plugin.
File Snapshot

 [4.0K]  /data/pocs/6d3152950b7e3c5d81e874374034e72e00a7f7ee
├── [ 107]  README.md
├── [2.5K]  the.py
└── [ 488]  up.zip

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →