Associated Vulnerability
Title: WooCommerce Designer Pro <= 1.9.26 - Unauthenticated Arbitrary File Upload (CVE-2025-6440)
Description: The WooCommerce Designer Pro plugin for WordPress, used by the Pricom - Printing Company & Design Services WordPress theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'wcdp_save_canvas_design_ajax' function in all versions up to, and including, 1.9.26. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server, which may make remote code execution possible.
Description
WooCommerce Designer Pro <= 1.9.26 - Unauthenticated Arbitrary File Upload
Readme
# CVE-2025-6440
WooCommerce Designer Pro <= 1.9.26 - Unauthenticated Arbitrary File Upload
# 🚀 WooCommerce Designer Pro <= 1.9.26 - Unauthenticated Arbitrary File Upload Exploit
> **CVE:** CVE-2025-6440
> **CVSS:** 9.8 (Critical)

---
## 📝 Description
The **WooCommerce Designer Pro** plugin for WordPress, widely used (especially in themes such as *Pricom - Printing Company & Design Services*), is vulnerable to **arbitrary file uploads** due to a lack of proper file type validation in the `wcdp_save_canvas_design_ajax` function in all versions up to and including `1.9.26`.
This potentially allows unauthenticated attackers to upload **any file type** to the server, enabling remote code execution and full site takeover.
---
## ⚠️ Strong Warning
> **NOTE:**
> Please be extremely vigilant regarding unethical actors.
> There are individuals who take disclosed vulnerabilities like this, then **sell the exploit, add backdoors, or intentionally harm others.**
> Always download exploits and scripts from trusted and official sources.
> **Protect yourself and your team from trojans, backdoors, and malicious payloads disguised as legitimate tools.**
> If you see this script being sold or used maliciously, report it immediately.
> You are solely responsible for any misuse or unauthorized deployment.
---
## 👤 Author & Support
- **Telegram Channel:** [@KNxploited](https://t.me/KNxploited)
- **Personal Telegram:** [https://t.me/KNxploited](https://t.me/KNxploited)
- **GitHub:** [https://github.com/Nxploited](https://github.com/Nxploited)
---
## 🌟 Key Features
- **Mass Exploitation**
  Upload your shell to hundreds/thousands of vulnerable WordPress sites at once.
- **Modern & Professional Console UI**
  Rich colorized banners, info boxes, and progress meters using the advanced `rich` library.
- **Multi-threaded Performance**
  Supports fast parallel exploitation via configurable threads for maximum speed.
- **Smart Target List Parsing**
  Automatically fixes URL formats. Just paste sites — the script prepares them for attack.
- **Automated Vulnerability Check**
  Only attempts exploitation on truly vulnerable targets (via dual AJAX and asset checks).
- **Auto Shell Upload & Link Logging**
  All successful uploads and direct shell URLs are recorded for easy later review.
- **Resilient Internet Handling**
  Pauses and resumes automatically if internet connection drops.
- **Clear Success & Error Handling**
  Informative, color-coded panels for each possible outcome — no guesswork!
- **Customizable & User-friendly**
  Define your own targets file and thread count interactively from the start.
---
## 🛠️ Requirements
- **Python 3.7+**
- Required libraries:
  - `requests`
  - `rich`
  - `urllib3`
- You can install dependencies using:
  ```bash
  pip install requests rich urllib3
  ```
- *Your shell file*, named `shell.php` (to be uploaded to the target).
---
## 🔥 How to Use
1. **Prepare Folder**
   - Place these files together:
     - `CVE-2025-6440.py` *(the script)*
     - `shell.php` *(the webshell to upload)*
     - `list.txt` *(targets list: one site per line)*
2. **Run the Script**
   ```bash
   python CVE-2025-6440.py
   ```
   - You will be prompted for:
     - The targets file name (default: `list.txt`)
     - Number of threads (e.g., `10`)
3. **Results**
   - Successfully exploited sites will be saved in:
     - `success_results.txt` *(target URL + shell path)*
     - `uploaded_shells.txt` *(shell URLs)*
4. **Example**
   ```text
   [list.txt]
   example.com
   https://victimsite.com
   demo.wordpress.net
   ```
   > The script will normalize URLs and handle all the rest!
---
## 📜 Disclaimer
> **This script is provided for testing and educational purposes only.**
>
> The author (Nxploited) assumes no responsibility for any misuse, illegal activity, or damage resulting from the use of this code.
>
> **Do NOT use against systems without EXPLICIT permission. Unauthorized access is illegal.**
>
> Always act ethically and responsibly.
---
## 🧑‍💻 By: Nxploited (Khaled Alenazi)
- Telegram: [@KNxploited](https://t.me/KNxploited)
- GitHub: [Nxploited](https://github.com/Nxploited)
File Snapshot
[4.0K] /data/pocs/ad0abb002321b3e1dbbed404fac9105d9ab936f3
├── [ 13K] CVE-2025-6440.py
├── [1.5K] LICENSE
├── [ 32K] Mass1.png
├── [4.2K] README.md
└── [ 22] requirements.txt
1 directory, 5 files
Remarks
1. It is advised to access via the original source first.
2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support.