CVE-2024-9932

CRITICAL

Wux Blog Editor <3.0.0 - File Upload


Exploitation Summary

EIP tracks 4 public exploits for CVE-2024-9932. PoCs published by RandomRobbieBF, JoshuaProvoste, Boshe99.

AI-analyzed exploit summary: This PoC demonstrates an unauthenticated arbitrary file upload vulnerability in Wux Blog Editor for WordPress <= 3.0.0. The exploit leverages insufficient file type validation in the 'wuxbt_insertImageNew' function, allowing remote code execution via a crafted HTTP POST request.

Description

The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'wuxbt_insertImageNew' function in versions up to, and including, 3.0.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

Exploits (4)

nomisec WORKING POC 4 stars
by RandomRobbieBF · poc
https://github.com/RandomRobbieBF/CVE-2024-9932

This PoC demonstrates an unauthenticated arbitrary file upload vulnerability in Wux Blog Editor for WordPress <= 3.0.0. The exploit leverages insufficient file type validation in the 'wuxbt_insertImageNew' function, allowing remote code execution via a crafted HTTP POST request.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Wux Blog Editor for WordPress <= 3.0.0
No auth needed
Prerequisites: Access to the target WordPress site · Network connectivity to the target
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC 2 stars
by JoshuaProvoste · poc
https://github.com/JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2024-9932

This is a functional exploit for CVE-2024-9932, an unauthenticated arbitrary file upload vulnerability in the Wux Blog Editor WordPress plugin. It uploads a remote PHP payload via a vulnerable REST endpoint and provides an interactive shell for command execution.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Wux Blog Editor WordPress plugin
No auth needed
Prerequisites: Access to a vulnerable WordPress instance with the Wux Blog Editor plugin installed · A remote server hosting the PHP payload
devstral-2 · analyzed Feb 16, 2026

github WORKING POC
by Boshe99 · python · poc
https://github.com/Boshe99/CVE-Exploits/tree/main/CVE-2024-9932-POC

The repository contains functional exploit code for CVE-2024-9932, targeting a WordPress plugin (3DPrint Lite 1.9.1.4) with an arbitrary file upload vulnerability. The Python script demonstrates the ability to upload a malicious file to a vulnerable target.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: WordPress Plugin 3DPrint Lite 1.9.1.4
No auth needed
Prerequisites: target URL · malicious file to upload
devstral-2 · analyzed Feb 27, 2026

nomisec WORKING POC
by Nxploited · poc
https://github.com/Nxploited/CVE-2024-9932-POC

This is a functional exploit for CVE-2024-9932, targeting an arbitrary file upload vulnerability in the Wux Blog Editor WordPress plugin (versions up to 3.0). The PoC checks the plugin version and exploits insufficient file type validation to upload a remote file to the server.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Wux Blog Editor WordPress plugin <= 3.0
No auth needed
Prerequisites: Target must have the vulnerable Wux Blog Editor plugin installed · Remote file URL must be accessible
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 9.8
EPSS 0.3781
EPSS Percentile 98.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE CWE-434
Status published
Products (1)
jurredeklijn/Wux Blog Editor < 3.0.0
Published Oct 26, 2024
Tracked Since Feb 18, 2026