CVE-2025-6058

This is a functional exploit for CVE-2025-6058, targeting an unauthenticated file upload vulnerability in the WPBookit WordPress plugin (≤ 1.0.4). It uploads a PHP shell and provides an interactive command execution interface.

This exploit automates the detection and exploitation of an unauthenticated arbitrary file upload vulnerability in WPBookit WordPress plugin versions <= 1.0.4, leading to remote code execution via a PHP shell upload.

The repository contains functional exploit code for CVE-2025-6058, targeting a WordPress plugin (3DPrint Lite 1.9.1.4) with an arbitrary file upload vulnerability. The Python script demonstrates the ability to upload a malicious file to a vulnerable target.

This repository contains two Python scripts for scanning WordPress sites to detect the presence of the WPBookit plugin and check if it is vulnerable to CVE-2025-6058. The scripts perform version checks against a threshold (≤1.0.4) and output results in CSV or text format.