CVE-2014-9013

HIGH

WP Marketplace <2.4.0 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2014-9013. PoCs published by Claudio Viviani.

AI-analyzed exploit summary This exploit targets a vulnerability in WP Marketplace 2.4.0, allowing unauthenticated remote command execution by leveraging the `call_user_func` function to execute arbitrary functions, specifically `wp_insert_user`, to create an administrator account.

Description

The ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin 2.4.0 for WordPress allows remote authenticated users to create arbitrary users and gain admin privileges via a request to wpmp_pp_ajax_call with an execution target of wp_insert_user.

Exploits (2)

exploitdb WORKING POC

by Claudio Viviani · pythonwebappsphp

https://www.exploit-db.com/exploits/36490

View Code ZIP pw:eip

This exploit targets a vulnerability in WP Marketplace 2.4.0, allowing unauthenticated remote command execution by leveraging the `call_user_func` function to execute arbitrary functions, specifically `wp_insert_user`, to create an administrator account.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: WP Marketplace 2.4.0

No auth needed

Prerequisites: Target must be running WP Marketplace 2.4.0 · WordPress installation must be accessible

MITRE ATT&CK

T1189 - Drive-by Compromise T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC

webappsphp

https://www.exploit-db.com/exploits/36466

View Code ZIP pw:eip

This exploit demonstrates an arbitrary file download vulnerability in WP Marketplace 2.4.0 by leveraging a call_user_func() vulnerability to execute arbitrary functions, allowing an attacker to download sensitive files like wp-config.php.

Classification

Working Poc 100%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: WP Marketplace 2.4.0

Auth required

Prerequisites: WordPress installation with WP Marketplace 2.4.0 · User registration enabled · Valid user credentials

MITRE ATT&CK

T1105 - Ingress Tool Transfer T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory, VDB Entry x_refsource_misc

https://www.exploit-db.com/exploits/36490/

Scores

CVSS v3 8.8

EPSS 0.4787

EPSS Percentile 98.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-20

Status published

Products (1)

wpmarketplace_project/wpmarketplace 2.4.0

Published Nov 06, 2019

Tracked Since Feb 18, 2026