CVE-2008-5695

WordPress <2.3.2 - Authenticated RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-5695. PoCs published by Alexander Concha.

AI-analyzed exploit summary This exploit targets a vulnerability in WordPress MU (Multi-User) by overwriting the 'active_plugins' option to execute arbitrary PHP code. It leverages authenticated file upload and option manipulation to achieve remote code execution.

Description

wp-admin/options.php in WordPress MU before 1.3.2, and WordPress 2.3.2 and earlier, does not properly validate requests to update an option, which allows remote authenticated users with manage_options and upload_files capabilities to execute arbitrary code by uploading a PHP script and adding this script's pathname to active_plugins.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Alexander Concha · phpwebappsphp

https://www.exploit-db.com/exploits/5066

View Code ZIP pw:eip

This exploit targets a vulnerability in WordPress MU (Multi-User) by overwriting the 'active_plugins' option to execute arbitrary PHP code. It leverages authenticated file upload and option manipulation to achieve remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: WordPress MU (versions prior to fix for CVE-2008-5695)

Auth required

Prerequisites: Valid WordPress MU user credentials with 'manage_options' and 'upload_files' capabilities · File upload functionality enabled · Access to the WordPress admin interface

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1505.003 - Web Shell

devstral-2 · analyzed Feb 16, 2026 Full analysis →