CVE-2025-11174

MEDIUM

Document Library Lite <1.1.6 - Auth Bypass

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-11174. PoCs published by SnailSploit.

AI-analyzed exploit summary The repository contains functional exploit scripts (Python and Bash) for CVE-2025-11174, targeting a WordPress vulnerability. It includes detailed documentation, Nuclei templates for scanning, and comprehensive usage guidelines.

Description

The Document Library Lite plugin for WordPress is vulnerable to Improper Authorization in all versions up to, and including, 1.1.6. This is due to the plugin exposing an unauthenticated AJAX action dll_load_posts which returns a JSON table of document data without performing nonce or capability checks. The handler accepts an attacker-controlled args array where the status option explicitly allows draft, pending, future, and any. This makes it possible for unauthenticated attackers to retrieve unpublished document titles and content via the AJAX endpoint.

Exploits (1)

github WORKING POC
by SnailSploit · pythonpoc
https://github.com/SnailSploit/CVE-2025-11174

The repository contains functional exploit scripts (Python and Bash) for CVE-2025-11174, targeting a WordPress vulnerability. It includes detailed documentation, Nuclei templates for scanning, and comprehensive usage guidelines.

Classification
Working Poc 90%
Attack Type
Other
Complexity
Moderate
Reliability
Reliable
Target: WordPress (version not specified)
No auth needed
Prerequisites: Target WordPress site URL
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (5)

Core 5

Scores

CVSS v3 5.3
EPSS 0.0025
EPSS Percentile 15.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-285
Status published
Products (1)
barn2media/Document Library Lite < 1.1.6
Published Nov 01, 2025
Tracked Since Feb 18, 2026