CVE-2026-11912

HIGH

Simple File List <= 6.3.7 - Missing Authorization to Unauthenticated File Modification via simplefilelist_edit_job AJAX Action

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-11912. PoCs published by Polosss.

AI-analyzed exploit summary This repository contains a functional Python script that exploits CVE-2026-11912, an unauthenticated file modification vulnerability in the Simple File List WordPress plugin. The script automates nonce extraction and brute-forces file operations, including path traversal to delete critical files like wp-config.php.

Description

The Simple File List plugin for WordPress is vulnerable to arbitrary file modification due to insufficient authorization checks in all versions up to, and including, 6.3.7. This makes it possible for unauthenticated attackers to delete and modify files on the serve. This vulnerability is exploitable even when the administrator has not enabled the AllowFrontManage setting, because the is_admin() check unconditionally short-circuits the guard before that setting is evaluated.

Exploits (1)

github WORKING POC 1 stars

by Polosss · pythonpoc

https://github.com/Polosss/By-Poloss..-..CVE-2026-11912

View Code ZIP pw:eip

This repository contains a functional Python script that exploits CVE-2026-11912, an unauthenticated file modification vulnerability in the Simple File List WordPress plugin. The script automates nonce extraction and brute-forces file operations, including path traversal to delete critical files like wp-config.php.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: Simple File List WordPress plugin <= 6.3.7

No auth needed

Prerequisites: WordPress site with vulnerable Simple File List plugin · Access to the target's frontend to extract nonce

MITRE ATT&CK