CVE-2012-10027

CRITICAL

WP-Property < 1.35.0 - Unauthenticated Arbitrary File Upload via uploadify.php

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2012-10027. PoCs published by Metasploit, Sammy FORGIT, including Metasploit module exploits/unix/webapp/wp_property_upload_exec.

AI-analyzed exploit summary This Metasploit module exploits an unauthenticated file upload vulnerability in WP-Property <= 1.35.0, allowing arbitrary PHP code execution via a malicious file upload to the uploadify.php endpoint.

Description

WP-Property plugin for WordPress up to and including version 1.35.0 contains an unauthenticated file upload vulnerability in the third-party `uploadify.php` script. A remote attacker can upload arbitrary PHP files to a temporary directory without authentication, leading to remote code execution.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotephp
https://www.exploit-db.com/exploits/23651

This Metasploit module exploits an unauthenticated file upload vulnerability in WP-Property <= 1.35.0, allowing arbitrary PHP code execution via a malicious file upload to the uploadify.php endpoint.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: WordPress WP-Property plugin <= 1.35.0
No auth needed
Prerequisites: Target running WordPress with vulnerable WP-Property plugin · Network access to the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Sammy FORGIT · phpwebappsphp
https://www.exploit-db.com/exploits/18987

This exploit demonstrates an arbitrary file upload vulnerability in WP-Property plugin (v1.35.0) by leveraging the `uploadify.php` endpoint to upload a malicious PHP file (`lo.php`). The PoC uses cURL to send a POST request with the file payload, allowing remote code execution (RCE) via the uploaded shell.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: WP-Property WordPress Plugin v1.35.0
No auth needed
Prerequisites: Target must have WP-Property plugin v1.35.0 installed · The uploadify.php endpoint must be accessible
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
by Sammy FORGIT · rubypocphp
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/wp_property_upload_exec.rb

This Metasploit module exploits an unauthenticated file upload vulnerability in the WordPress WP-Property plugin (CVE-2012-10027), allowing arbitrary PHP code execution by uploading a malicious file via the uploadify.php endpoint.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: WordPress WP-Property plugin <= 1.35.0
No auth needed
Prerequisites: Target must have WP-Property plugin <= 1.35.0 installed · Network access to the WordPress site
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Scores

CVSS v4 9.3
EPSS 0.0162
EPSS Percentile 73.0%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-434
Status published
Products (1)
WP-Property/WordPress Plugin < 1.35.0
Published Aug 05, 2025
Tracked Since Feb 18, 2026