CVE-2025-6934
CRITICAL NUCLEI
Opal Estate Pro - Property Management and Submission <=1.7.5 - Privilege Escalation
Title source: llm
Exploitation Summary
EIP tracks 13 public exploits for CVE-2025-6934. PoCs published by Nxploited, yukinime, 0xgh057r3c0n. A Nuclei detection template is also available.
AI-analyzed exploit summary: This repository contains a functional Python exploit for CVE-2025-6934, an unauthenticated privilege escalation vulnerability in the Opal Estate Pro WordPress plugin. The exploit automates version checking, nonce retrieval, and crafted registration requests to create an administrator account.
Description
The Opal Estate Pro – Property Management and Submission plugin for WordPress, used by the FullHouse - Real Estate Responsive WordPress Theme, is vulnerable to privilege escalation in all versions up to, and including, 1.7.5. This is due to a lack of role restriction during registration in the 'on_regiser_user' function. This makes it possible for unauthenticated attackers to arbitrarily choose the role, including the Administrator role, assigned when registering.
Exploits (13)
This repository contains a functional Python exploit for CVE-2025-6934, an unauthenticated privilege escalation vulnerability in the Opal Estate Pro WordPress plugin. The exploit automates version checking, nonce retrieval, and crafted registration requests to create an administrator account.
This repository contains a functional exploit for CVE-2025-6934, an unauthenticated privilege escalation vulnerability in the Opal Estate Pro WordPress plugin (≤ 1.7.5). The exploit automates the creation of an administrator account by leveraging a missing role restriction in the registration function.
This repository contains a functional Python exploit for CVE-2025-6934, an unauthenticated privilege escalation vulnerability in the Opal Estate Pro WordPress plugin (≤ 1.7.5). The exploit automates the creation of an administrator account by leveraging a missing role restriction in the plugin's registration function.
This exploit targets CVE-2025-6934 in the Opal Estate Pro WordPress plugin, allowing unauthenticated privilege escalation by creating an administrator account via a crafted registration request with a stolen nonce.
The repository contains a functional exploit for CVE-2025-6934, an unauthenticated privilege escalation vulnerability in the Opal Estate Pro WordPress plugin (≤ v1.7.5). The exploit bypasses nonce validation to create an administrator account via a crafted request to `/wp-admin/admin-ajax.php`.
The repository contains a functional proof-of-concept for CVE-2025-6934, demonstrating an unauthenticated privilege escalation vulnerability in the WordPress OpalEstate plugin. The exploit leverages insecure handling of the `role` parameter in the `opalestate_register_form` AJAX action to register an administrator account.
This repository contains a functional exploit for CVE-2025-6934, targeting a WordPress plugin vulnerability that allows unauthenticated user registration with administrator privileges. The exploit automates the retrieval of a nonce and crafts a malicious request to elevate privileges.
This repository contains a functional exploit for CVE-2025-6934, which targets an unauthenticated privilege escalation vulnerability in the Opal Estate Pro WordPress plugin (≤ 1.7.5). The exploit automates the creation of an administrator account by leveraging missing role restrictions in the plugin's registration function.
This repository contains a functional exploit for CVE-2025-6934, targeting a vulnerability in the Opal Estate Pro WordPress plugin. The exploit automates the creation of an administrator account by leveraging a nonce bypass and crafted AJAX requests.
The repository contains only a YAML file and a minimal README with no functional exploit code or technical details. The YAML file is empty, and the README lacks any meaningful content.
The repository contains functional exploit code for CVE-2025-6934, targeting a WordPress plugin (3DPrint Lite 1.9.1.4) with an arbitrary file upload vulnerability. The Python script demonstrates the ability to upload a malicious file to a vulnerable target.
This Python script exploits an authentication bypass vulnerability in a WordPress plugin (likely Opal Estate) by leveraging a nonce retrieval mechanism and multiple payload variants to register an administrator account. The exploit automates the process of generating random credentials and testing different data structures to achieve unauthorized account creation.
The repository claims to be a PoC for CVE-2025-6934 targeting WordPress Plugin Opal Estate Pro, but the main.py file contains obfuscated code that decrypts and executes an external payload, indicating malicious intent.
Nuclei Templates (1)
References (4)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H