CVE-2025-27007

This exploit targets a privilege escalation vulnerability in SureTriggers OttoKit Plugin ≤ 1.0.82. It leverages an uninitialized plugin state to create an administrator account via a REST API endpoint.

The repository contains detailed technical writeups for multiple CVEs, including CVE-2024-10914 (command injection in account_mgr.cgi), CVE-2024-22024 (XXE in Ivanti Connect Secure), and CVE-2024-22120 (SQLi to RCE in Zabbix). Each writeup includes vulnerability descriptions, proof-of-concept examples, mitigation recommendations, and references.

This repository provides a working proof-of-concept for CVE-2025-27007, an authentication bypass and privilege escalation vulnerability in OttoKit (SureTriggers) for WordPress. The exploit leverages an uninitialized plugin state to create an administrator account via a crafted HTTP POST request to the REST API endpoint.

This Metasploit module exploits two distinct authorization bypass vulnerabilities (CVE-2025-3102 and CVE-2025-27007) in the WordPress SureTriggers (OttoKit) plugin to create an administrator account and achieve remote code execution.