CVE-2025-34077

CRITICAL NUCLEI

WordPress Pie Register <3.7.1.4 - Auth Bypass

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 6 public exploits for CVE-2025-34077. PoCs published by Md Amanat Ullah (xSwads), Lotfi13-DZ, 0xgh057r3c0n, including Metasploit module exploits/unix/webapp/wp_pie_register_bypass_rce. A Nuclei detection template is also available.

AI-analyzed exploit summary This exploit leverages an authentication bypass in Pie Register WordPress Plugin (CVE-2025-34077) to upload a malicious plugin containing a PHP web shell, achieving remote code execution (RCE). The script automates the process for multiple targets using threading.

Description

An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting social_site=true and manipulating the user_id_social_site parameter, an attacker can generate a valid WordPress session cookie for any user ID, including administrators. Once authenticated, the attacker may exploit plugin upload functionality to install a malicious plugin containing arbitrary PHP code, resulting in remote code execution on the underlying server.

Exploits (6)

exploitdb WORKING POC
by Md Amanat Ullah (xSwads) · pythonwebappsmultiple
https://www.exploit-db.com/exploits/52370

This exploit leverages an authentication bypass in Pie Register WordPress Plugin (CVE-2025-34077) to upload a malicious plugin containing a PHP web shell, achieving remote code execution (RCE). The script automates the process for multiple targets using threading.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Pie Register WordPress Plugin <= 3.7.1.4
No auth needed
Prerequisites: Target running vulnerable Pie Register plugin · Network access to WordPress admin interface
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
by Lotfi13-DZ · textwebappsphp
https://www.exploit-db.com/exploits/50395

This exploit demonstrates an unauthenticated privilege escalation vulnerability in the WordPress Pie Register plugin (version <= 3.7.1.4). By sending a crafted POST request with specific parameters, an attacker can obtain authentication cookies for the admin user (ID 1).

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: WordPress Pie Register plugin <= 3.7.1.4
No auth needed
Prerequisites: Target must have the vulnerable Pie Register plugin installed and activated
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 1 stars
by 0xgh057r3c0n · poc
https://github.com/0xgh057r3c0n/CVE-2025-34077

This PoC exploits an unauthenticated admin session hijack vulnerability in the Pie Register WordPress plugin (≤ 3.7.1.4) by sending a crafted POST request to extract valid admin cookies.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Pie Register WordPress plugin ≤ 3.7.1.4
No auth needed
Prerequisites: Target must have Pie Register plugin ≤ 3.7.1.4 installed · Target must be a WordPress site
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WRITEUP
by salimelh94 · poc
https://github.com/salimelh94/Web-Penetration-Test

This repository provides a detailed walkthrough of exploiting CVE-2025-34077 in the Pie Register WordPress plugin, including steps for authentication bypass, privilege escalation, and achieving a reverse shell. It includes screenshots and explanations of the process but lacks actual exploit code.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: WordPress Pie Register plugin v3.7.1.4
No auth needed
Prerequisites: WordPress site with Pie Register plugin v3.7.1.4 · Nmap for scanning · WPScan for enumeration · Metasploit for exploitation · Netcat for reverse shell
devstral-2 · analyzed Apr 10, 2026 Full analysis →
nomisec WORKING POC
by MrjHaxcore · poc
https://github.com/MrjHaxcore/CVE-2025-34077

This PoC exploits an unauthenticated admin session hijack vulnerability in the WordPress Pie Register plugin (≤ 3.7.1.4) by sending a crafted POST request to steal admin session cookies.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: WordPress Pie Register plugin ≤ 3.7.1.4
No auth needed
Prerequisites: Target running vulnerable Pie Register plugin · Network access to the WordPress site
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
by h00die, Lotfi13-DZ · rubypocphp
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/wp_pie_register_bypass_rce.rb

This Metasploit module exploits an authentication bypass vulnerability in WordPress Plugin Pie Register <= 3.7.1.4 to generate a valid admin cookie, then uploads a malicious plugin containing a PHP payload for remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: WordPress Plugin Pie Register <= 3.7.1.4
No auth needed
Prerequisites: WordPress installation with vulnerable Pie Register plugin · Network access to the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

WordPress Pie Register <= 3.7.1.4 - Authentication Bypass
CRITICALVERIFIEDby kylew1004

References (6)

Core 6

Scores

CVSS v4 10.0
EPSS 0.7624
EPSS Percentile 99.0%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-306 CWE-434 CWE-94
Status published
Products (1)
Genetech Solutions/WordPress Pie Register Plugin < 3.7.1.4
Published Jul 09, 2025
Tracked Since Feb 18, 2026