CVE-2014-9014

MEDIUM

WP Marketplace <2.4.1 - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2014-9014. PoCs published by Claudio Viviani, Kacper Szurek.

AI-analyzed exploit summary: This exploit targets a vulnerability in WP Marketplace 2.4.0, allowing unauthenticated remote command execution by leveraging the `call_user_func` function to execute arbitrary functions, specifically `wp_insert_user`, to create an administrator account.

Description

Directory traversal vulnerability in the ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin before 2.4.1 for WordPress allows remote authenticated users to download arbitrary files via a .. (dot dot) in the file parameter.

Exploits (2)

exploitdb WORKING POC
by Claudio Viviani · python · webapps · php
https://www.exploit-db.com/exploits/36490

This exploit targets a vulnerability in WP Marketplace 2.4.0, allowing unauthenticated remote command execution by leveraging the `call_user_func` function to execute arbitrary functions, specifically `wp_insert_user`, to create an administrator account.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: WP Marketplace 2.4.0
No auth needed
Prerequisites: Target must be running WP Marketplace 2.4.0 · WordPress installation must be accessible
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC
by Kacper Szurek · text · webapps · php
https://www.exploit-db.com/exploits/36466

This exploit leverages an arbitrary function execution vulnerability in WP Marketplace 2.4.0 via `call_user_func` to escalate privileges and download arbitrary files, including `wp-config.php`. It automates registration, login, privilege escalation, and file download steps.

Classification: Working PoC 95%
Attack Type: Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: WP Marketplace 2.4.0
Auth required
Prerequisites: WordPress site with WP Marketplace 2.4.0 installed · Network access to the target
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
https://www.exploit-db.com/exploits/36466/

Scores

CVSS v3: 4.3
EPSS: 0.1190
EPSS Percentile: 95.6%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE: CWE-22
Status: published
Products (1): wpmarketplace_project/wpmarketplace 2.4.0
Published: Nov 06, 2019
Tracked Since: Feb 18, 2026