CVE-2016-10924

HIGH · EXPLOITED · NUCLEI

zedna_ebook_download < 1.2 - Path Traversal

Exploitation Summary

CVE-2016-10924 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 6 public exploits from researchers including alealeluyah, alebrestado, 808ale. A Nuclei detection template is also available.

AI-analyzed exploit summary: This repository contains a functional Python script that exploits a directory traversal vulnerability (CVE-2016-10924) in the WordPress plugin 'ebook-download' (versions < 1.2). The exploit allows unauthorized file reads by manipulating the 'ebookdownloadurl' parameter in a crafted GET request.

Description

The ebook-download plugin before 1.2 for WordPress has directory traversal.

Exploits (6)

nomisec · WORKING POC · 1 star
by alealeluyah · poc
https://github.com/alealeluyah/cve-2016-10924-POC

This repository contains a functional Python script that exploits a directory traversal vulnerability (CVE-2016-10924) in the WordPress plugin 'ebook-download' (versions < 1.2). The exploit allows unauthorized file reads by manipulating the 'ebookdownloadurl' parameter in a crafted GET request.

Classification: Working PoC 100%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: WordPress plugin ebook-download < 1.2
No auth needed
Prerequisites: Python 3 · requests library · target running vulnerable plugin
devstral-2 · analyzed Apr 24, 2026

nomisec · WORKING POC · 1 star
by alebrestado · poc
https://github.com/alebrestado/cve-2016-10924-POC

This repository contains a functional Python script that exploits a directory traversal vulnerability (CVE-2016-10924) in the WordPress plugin 'ebook-download' (versions < 1.2). The exploit allows unauthorized file reads by manipulating the 'ebookdownloadurl' parameter in a GET request.

Classification: Working PoC 100%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: WordPress plugin ebook-download < 1.2
No auth needed
Prerequisites: Python 3 · requests library · target URL with vulnerable plugin
devstral-2 · analyzed Apr 24, 2026

nomisec · WORKING POC · 1 star
by 808ale · infoleak
https://github.com/808ale/cve-2016-10924-POC

This repository contains a functional Python script that exploits a directory traversal vulnerability (CVE-2016-10924) in the WordPress plugin 'ebook-download' (versions < 1.2). The exploit allows unauthorized file reads by manipulating the 'ebookdownloadurl' parameter in a GET request.

Classification: Working PoC 100%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: WordPress plugin ebook-download < 1.2
No auth needed
Prerequisites: Target must have the vulnerable 'ebook-download' plugin installed and accessible · Python 3 and the 'requests' library
devstral-2 · analyzed Feb 18, 2026

nomisec · WORKING POC · 1 star
by rvzsec · poc
https://github.com/rvzsec/CVE-2016-10924

The repository contains a functional Python script that exploits a directory traversal vulnerability (CVE-2016-10924) in the WordPress ebook-download plugin (<1.2). The script brute-forces process IDs to leak sensitive files via path traversal.

Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: WordPress ebook-download plugin <1.2
No auth needed
Prerequisites: Target URL with vulnerable plugin installed
devstral-2 · analyzed Jun 01, 2026

nomisec · WORKING POC · 1 star
by rvizx · remote
https://github.com/rvizx/CVE-2016-10924

The repository contains a functional Python script that exploits a directory traversal vulnerability (CVE-2016-10924) in the WordPress ebook-download plugin (<1.2). The script brute-forces process IDs to read sensitive files like /proc/sched_debug and /proc/[pid]/cmdline.

Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: WordPress ebook-download plugin <1.2
No auth needed
Prerequisites: Target URL with vulnerable plugin installed
devstral-2 · analyzed Feb 18, 2026

nomisec · WORKING POC
by LGenAgul · infoleak
https://github.com/LGenAgul/Wordpress-ebook-CVE-2016-10924

The repository contains a functional Python script that exploits CVE-2016-10924, a file disclosure vulnerability in the WordPress eBook Download plugin (version 1.1). The script brute-forces process IDs via the vulnerable `filedownload.php` endpoint to leak `/proc/<PID>/cmdline` contents.

Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: WordPress eBook Download plugin 1.1
No auth needed
Prerequisites: Target must have the vulnerable plugin installed · Access to the WordPress plugin's endpoint
devstral-2 · analyzed Feb 18, 2026

Nuclei Templates (1)

Wordpress Zedna eBook download <1.2 - Local File Inclusion
HIGH · by idealphase

Scores

CVSS v3: 7.5
EPSS: 0.1166
EPSS Percentile: 95.5%
Attack Vector: NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

VulnCheck KEV: 2025-06-08
CWE: CWE-22
Status: published
Products (1): zedna_ebook_download_project/zedna_ebook_download < 1.2
Published: Aug 22, 2019
Tracked Since: Feb 18, 2026