CVE-2026-1357

This repository contains a functional SQL injection exploit for CVE-2025-10042, targeting WordPress Quiz Maker plugin versions <= 6.7.0.56. The exploit uses time-based blind SQLi to extract admin credentials and hashes.

This repository contains a functional exploit for CVE-2026-1357, an unauthenticated RCE vulnerability in WPvivid Backup & Migration. The exploit chains a crypto fail-open bug with path traversal to upload a malicious file, demonstrating the vulnerability with post-exploitation capabilities.

This repository contains a functional exploit for CVE-2026-1357, targeting an unauthenticated arbitrary file upload vulnerability in WPvivid Backup & Migration plugin (≤ 0.9.123). The exploit leverages a cryptographic fail-open (null AES key) and path traversal to achieve remote code execution (RCE).

This repository contains a functional exploit for CVE-2026-1357, an unauthenticated arbitrary file upload vulnerability in WPvivid Backup & Migration plugin (versions <= 0.9.123). The exploit leverages a cryptographic fail-open flaw combined with path traversal to achieve remote code execution.

This repository contains a functional exploit for CVE-2026-1357, targeting a vulnerability in the WPvivid Backup plugin. The exploit leverages a null byte key decryption flaw and directory traversal to upload a malicious PHP webshell, achieving remote code execution (RCE).

This repository contains a functional exploit PoC for CVE-2026-1357, targeting an unauthenticated RCE vulnerability in WPvivid Backup & Migration plugin versions ≤ 0.9.123. The exploit uploads a malicious payload via the 'send_to_site' action and achieves remote code execution through a webshell.

This repository contains a functional exploit for CVE-2026-1357, targeting a cryptographic failure and directory traversal in the WPvivid WordPress plugin to achieve unauthenticated RCE via file upload. The PoC includes a Docker-based lab environment and a Python script that crafts a malicious payload to bypass authentication and upload a PHP shell.