CVE-2016-15043

CRITICAL EXPLOITED NUCLEI

WP Mobile Detector <3.5 - File Upload

Title source: llm

Exploitation Summary

CVE-2016-15043 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including pluginvulnerabilities.com, Aaditya Purani, h00die, including a Metasploit module exploits/unix/webapp/wp_mobile_detector_upload_execute. A Nuclei detection template is also available.

AI-analyzed exploit summary This Metasploit module exploits an arbitrary file upload vulnerability in WordPress WP Mobile Detector 3.5 by uploading a malicious PHP payload via the resize.php script and executing it through the cache directory.

Description

The WP Mobile Detector plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in resize.php file in versions up to, and including, 3.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.

Exploits (1)

metasploit WORKING POC EXCELLENT

by pluginvulnerabilities.com, Aaditya Purani, h00die · rubypocphp

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/wp_mobile_detector_upload_execute.rb

View Code ZIP pw:eip

This Metasploit module exploits an arbitrary file upload vulnerability in WordPress WP Mobile Detector 3.5 by uploading a malicious PHP payload via the resize.php script and executing it through the cache directory.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: WordPress WP Mobile Detector < 3.6

No auth needed

Prerequisites: Target running WordPress with vulnerable WP Mobile Detector plugin · Network access to the target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

WP Mobile Detector <= 3.5 - Unrestricted File Upload

CRITICALVERIFIEDby D3nverNg,thewindghost

References (6)

Core 6

Core References

Exploit, Third Party Advisory

https://aadityapurani.com/2016/06/03/mobile-detector-poc/

Exploit, Press/Media Coverage

https://blog.sucuri.net/2016/06/wp-mobile-detector-vulnerability-being-exploited-in-the-wild.html

Product

https://wordpress.org/plugins/wp-mobile-detector/changelog/

Exploit, Third Party Advisory

https://wpscan.com/vulnerability/e4739674-eed4-417e-8c4d-2f5351b057cf

Exploit, Third Party Advisory

https://www.pluginvulnerabilities.com/2016/05/31/aribitrary-file-upload-vulnerability-in-wp-mobile-detector/

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/5a5d5dbd-36f0-4886-adf8-045ec9c2e306?source=cve

Scores

CVSS v3 9.8

EPSS 0.0963

EPSS Percentile 94.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

VulnCheck KEV 2016-06-03

CWE

CWE-434

Status published

Products (2)

Websitez.com, LLC/WP Mobile Detector < 3.5

wp_mobile_detector_project/wp_mobile_detector < 3.5

Published Jul 19, 2025

Tracked Since Feb 18, 2026