CVE-2024-9935

The repository contains functional exploit code for multiple CVEs, including CVE-2026-22812, which demonstrates a command execution vulnerability in OpenCode. The PoC sends crafted requests to exploit the vulnerability and verify command execution via the 'id' command.

This repository contains a functional proof-of-concept exploit for CVE-2024-9935, an unauthenticated arbitrary file download vulnerability in the PDF Generator Addon for Elementor Page Builder plugin for WordPress. The exploit leverages a path traversal flaw in the rtw_pgaepb_dwnld_pdf() function to read arbitrary files on the server.

This PoC demonstrates an unauthenticated arbitrary file download vulnerability in the PDF Generator Addon for Elementor Page Builder plugin for WordPress. The vulnerability is exploited via a path traversal attack in the rtw_pgaepb_dwnld_pdf() function, allowing attackers to read sensitive files on the server.

The repository contains functional exploit code for CVE-2024-9935, targeting an arbitrary file upload vulnerability in the WordPress Plugin 3DPrint Lite 1.9.1.4. The exploit demonstrates the ability to upload a malicious file to a vulnerable target.

This PoC exploits an unauthenticated arbitrary file download vulnerability in the PDF Generator Addon for Elementor Page Builder plugin (version <= 1.7.5). It first checks the plugin version via a README.txt file and then attempts to read /etc/passwd using a path traversal attack.