Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-25600 PoC — WordPress Bricks Theme <= 1.9.6 - Unauthenticated Remote Code Execution (RCE) vulnerability

Source
https://github.com/RHYru9/CVE-2024-25600-mass
Associated Vulnerability
Title:WordPress Bricks Theme <= 1.9.6 - Unauthenticated Remote Code Execution (RCE) vulnerability (CVE-2024-25600)
Description:Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through 1.9.6.
Readme
## Mass Upload Shell for CVE
```python
python3 exploit.py -l yourlist.txt
```
## Path Shell
```bash
https://examplewebsite.com/asd.php
```
## Fofa
```
body="/wp-content/themes/bricks/"
```
## Hunter.how
```
web.body="/wp-content/themes/bricks/"
```
File Snapshot

 [4.0K]  /data/pocs/dbb8ff21328cf3f43f2a1fcd02caa61967d8b28b
├── [2.0K]  bulk-check.py
├── [9.9K]  exploit.py
├── [ 249]  README.md
└── [  48]  requirements.txt

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →