Pwdnx1337 - Security Researcher - Exploit Intelligence Platform

CVE-2025-7441 NOMISEC CRITICAL WORKING POC

StoryChief <= 1.0.42 - Unauthenticated Arbitrary File Upload via Webhook REST-API Endpoint

The StoryChief plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 1.0.42. This vulnerability occurs through the /wp-json/storychief/webhook REST-API endpoint that does not have sufficient filetype validation. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

2 stars

CVSS 9.8

View Code

CVE-2025-6440 NOMISEC CRITICAL WORKING POC

WooCommerce Designer Pro <1.9.26 - RCE

The WooCommerce Designer Pro plugin for WordPress, used by the Pricom - Printing Company & Design Services WordPress theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'wcdp_save_canvas_design_ajax' function in all versions up to, and including, 1.9.26. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

1 stars

CVSS 9.8

View Code

CVE-2025-7441 VULNCHECK_XDB CRITICAL WORKING POC

StoryChief <= 1.0.42 - Unauthenticated Arbitrary File Upload via Webhook REST-API Endpoint

The StoryChief plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 1.0.42. This vulnerability occurs through the /wp-json/storychief/webhook REST-API endpoint that does not have sufficient filetype validation. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

CVSS 9.8

View Code

CVE-2025-6440 VULNCHECK_XDB CRITICAL WORKING POC

WooCommerce Designer Pro <1.9.26 - RCE

The WooCommerce Designer Pro plugin for WordPress, used by the Pricom - Printing Company & Design Services WordPress theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'wcdp_save_canvas_design_ajax' function in all versions up to, and including, 1.9.26. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

CVSS 9.8

View Code