CVE-2015-10140

HIGH

Ajax Load More <2.8.1.2 - Auth Bypass

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-10140. PoCs published by PizzaHatHacker, including Metasploit module exploits/unix/webapp/wp_ajax_load_more_file_upload.

AI-analyzed exploit summary This Metasploit module exploits an arbitrary file upload vulnerability in WordPress Ajax Load More plugin version 2.8.1.1, allowing remote code execution by uploading a malicious PHP file. It requires valid WordPress credentials to authenticate and obtain a nonce for the upload process.

Description

The Ajax Load More plugin before 2.8.1.2 does not have authorisation in some of its AJAX actions, allowing any authenticated users, such as subscriber, to upload and delete arbitrary files.

Exploits (1)

metasploit WORKING POC EXCELLENT
by PizzaHatHacker · rubypocphp
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/wp_ajax_load_more_file_upload.rb

This Metasploit module exploits an arbitrary file upload vulnerability in WordPress Ajax Load More plugin version 2.8.1.1, allowing remote code execution by uploading a malicious PHP file. It requires valid WordPress credentials to authenticate and obtain a nonce for the upload process.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: WordPress Ajax Load More 2.8.1.1
Auth required
Prerequisites: Valid WordPress username and password · Target running vulnerable version of Ajax Load More plugin
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Exploit, Third Party Advisory exploit vdb-entry technical-description
https://wpscan.com/vulnerability/9f0c926e-0609-4c89-a724-88e16bcfa82a

Scores

CVSS v3 8.8
EPSS 0.0095
EPSS Percentile 56.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-862
Status published
Products (1)
connekthq/ajax_load_more < 2.8.1.2
Published Jul 22, 2025
Tracked Since Feb 18, 2026