{"vulnerability": "CVE-2024-25600", "sightings": [{"uuid": "87196370-1001-4914-ab69-33b302282eac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}, {"uuid": "596b1e27-e78c-4e50-ba7d-5e1731de5d93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/wp_bricks_builder_rce.rb", "content": "", "creation_timestamp": "2024-03-26T22:02:59.000000Z"}, {"uuid": "5f00357c-6d51-4925-94ab-b240166e191a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/fdda4963-0aa7-4d15-8a8f-969db8f304ca", "content": "", "creation_timestamp": "2025-02-28T23:49:13.272798Z"}, {"uuid": "400be915-8497-4b79-851f-32efed47662b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/xVga4VsVOzuOqFeH2RVigZleTHo-VBKcq_ryjvGXYih2ZyY", "content": "", "creation_timestamp": "2026-01-04T11:00:11.000000Z"}, {"uuid": "b7cd5f36-57d8-454a-ab86-c7e57e2a51b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/0bJSKxyjZBA6bM8LIY_dM10Y0vZ3aj2H-RprKYJDZxbBuI0", "content": "", "creation_timestamp": "2024-11-20T04:22:32.000000Z"}, {"uuid": "66975cf9-5422-49d9-bef7-d9443a380c77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/HxPhOuZdlYJxjC17hMJ2XIMFnAQ8LoPmBO7g9F6afCw9cC8", "content": "", "creation_timestamp": "2024-11-21T05:41:14.000000Z"}, {"uuid": "faa757e6-9eae-42c5-afdb-a79ff63401cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/29438", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aUnauthenticated RCE exploit for CVE-2024-25600 in WordPress Bricks Builder <= 1.9.6. Executes arbitrary code remotely.\nURL\uff1ahttps://github.com/cboss43/CVE-2024-25600\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-04-03T13:59:51.000000Z"}, {"uuid": "15b7d3fb-5101-4889-98f8-f4119eafe5ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7124", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aWORDPRESS-CVE-2024-25600-EXPLOIT-RCE - WordPress Bricks Builder Remote Code Execution (RCE)\nURL\uff1ahttps://github.com/X-Projetion/WORDPRESS-CVE-2024-25600-EXPLOIT-RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-04-20T06:37:12.000000Z"}, {"uuid": "30e86d3a-8399-4e23-bd45-9cef524e369a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7468", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-24919 PoC\nURL\uff1ahttps://github.com/0bl1v10nf0rg0773n/0BL1V10N-CVE-2024-25600-Bricks-Builder-plugin-for-WordPress\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-30T17:02:46.000000Z"}, {"uuid": "d30a772a-8262-453b-9938-ae9b69cb6561", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/eU5TW0NrIabaH627FpFKhEBuxk5i4RkIq4T6rxIMq7cGCQ", "content": "", "creation_timestamp": "2025-03-05T22:29:05.000000Z"}, {"uuid": "6d7694a8-b5f3-413d-8f24-06ef609988e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/aJSulEfzlvWzvTMBfPk51bbTeaXii0v458D9js_bSuDvORY", "content": "", "creation_timestamp": "2025-07-26T15:00:07.000000Z"}, {"uuid": "c52eb30d-54ec-442b-93a2-c21a2b291623", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "https://t.me/hackyourmom/7139", "content": "\u26a1\ufe0f\u0412\u0438\u044f\u0432\u043b\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u0430 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044c \u0443 \u0442\u0435\u043c\u0456 Bricks \u0434\u043b\u044f WordPress, \u043f\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0430 \u044f\u043a CVE-2024-25600 \u0437 \u043e\u0446\u0456\u043d\u043a\u043e\u044e CVSS 9,8, \u0441\u0442\u0430\u0432\u0438\u0442\u044c \u043f\u0456\u0434 \u0437\u0430\u0433\u0440\u043e\u0437\u0443 \u0431\u0435\u0437\u043f\u0435\u043a\u0443 \u043f\u043e\u043d\u0430\u0434 25 000 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u0456\u0432, \u0434\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0447\u0438 \u043d\u0435\u0430\u0432\u0442\u0435\u043d\u0442\u0438\u0444\u0456\u043a\u043e\u0432\u0430\u043d\u0438\u043c \u0437\u043b\u043e\u0432\u043c\u0438\u0441\u043d\u0438\u043a\u0430\u043c \u0432\u0438\u043a\u043e\u043d\u0443\u0432\u0430\u0442\u0438 \u0434\u043e\u0432\u0456\u043b\u044c\u043d\u0438\u0439 PHP-\u043a\u043e\u0434 \ud83d\udc7e", "creation_timestamp": "2024-02-21T12:14:35.000000Z"}, {"uuid": "23118726-83d8-4972-8c38-e96ec3222e27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/471", "content": "#cve #tools #exploit\n\nCVE-2024-25600: WordPress RCE\ud83d\udc69\u200d\ud83d\udcbb\n\n\u042d\u0442\u043e\u0442 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442  \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-25600 , \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 Bricks Builder \u0434\u043b\u044f WordPress. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u043a\u043e\u0434 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043d\u0430 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u0430\u0445 . \u0418\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0438\u0440\u0443\u0435\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043f\u043e\u043b\u0443\u0447\u0430\u044f \u043d\u0435\u0441\u044b \u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434\n\nGitHub", "creation_timestamp": "2024-02-22T03:34:43.000000Z"}, {"uuid": "e07c63a3-5d4e-46fe-996a-86296df27663", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/beaverdreamer/130", "content": "#CVE #wordpress\n\u0412 WordPress \u0432\u044b\u0448\u043b\u0430 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u0430\u044f RCE \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-25600 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 Bricks Builder (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u0432\u0435\u0440\u0441\u0438\u0438  1.9.6.1). \nBricks Builder - \u044d\u0442\u043e \u043f\u043e \u0441\u0443\u0442\u0438 \u043a\u0430\u0441\u0442\u0438\u043c\u0438\u0437\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u0442\u0435\u043c\u0430 \u043d\u0430\u0434 WordPress \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u0438\u0437\u0443\u0430\u043b\u044c\u043d\u043e \u043c\u0435\u043d\u044f\u0442\u044c \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0435 \u0441\u0430\u0439\u0442\u0430 \u0438 \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0442\u044c \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043c\u043e\u0434\u0443\u043b\u0438 \u0432 \u0441\u043e\u0441\u0442\u0430\u0432 \u0441\u0430\u0439\u0442\u0430.\n\n\u0425\u043e\u0440\u043e\u0448\u0438\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 https://patchstack.com/articles/critical-rce-patched-in-bricks-builder-theme/\n\n\u0415\u0441\u043b\u0438 \u043a\u0440\u0430\u0442\u043a\u043e, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 eval() \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445\n\u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442: https://github.com/Chocapikk/CVE-2024-25600\n\u0412 \u0432\u0438\u0434\u0435 Nuclei-\u0448\u0430\u0431\u043b\u043e\u043d\u0430: https://github.com/Christbowel/CVE-2024-25600_Nuclei-Template", "creation_timestamp": "2024-03-01T21:36:09.000000Z"}, {"uuid": "7e010ae0-6205-412a-bfae-d8ac3a6fb8cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/cyber_hsecurity/4436", "content": "CVE     : CVE-2024-25600\nExploit : WordPress Bricks Builder Remote Code Execution (RCE)\nCMS     : WordPress\nChannel : https://t.me/oxlogs", "creation_timestamp": "2025-05-04T07:31:22.000000Z"}, {"uuid": "d6f1cb4a-3a02-49de-816d-073610b4b98f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/15527", "content": "CVE-2024\u201325600: WordPress Bricks Builder Remote Code Execution Vulnerability -$$$$ BOUNTY: https://infosecwriteups.com/cve-2024-25600-wordpress-bricks-builder-remote-code-execution-vulnerability-bounty-997d488fd54e?source=rss------bug_bounty-5", "creation_timestamp": "2024-10-09T08:42:22.000000Z"}, {"uuid": "4e9cad7a-66e0-422d-8792-514c988e1d97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/bexsop/370", "content": "CVEploiter v1.0.0.0\n\nAdvanced software to exploit cve-2024 vulnerabilities.\n\nCVE-2024-25600 - Wordpress - Bricks < Remote Code Execution [RCE]\n\nCVE-2024-1210 -  Wordpress - LearnDash LMS < Sensitive Information Exposure [SIE]\n\nCVE-2024-21644 - pyLoad - Flask Config < Access Control [AC]\n\nCVE-2024-0713 - Monitorr Services Configuration - Spawn Webshell [SW]\n\nEnjoy;", "creation_timestamp": "2024-06-14T13:46:34.000000Z"}, {"uuid": "026dd9b8-3c89-40dd-9353-c0a2b51ea5d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/six5zeroexploit/90", "content": "If You Want Private Tools For Good Result DM: Click me\nJoin and Share https://t.me/six5zeroexploit", "creation_timestamp": "2024-12-01T19:16:56.000000Z"}, {"uuid": "facb5b38-ed44-4170-9820-40770c827097", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/4049", "content": "\u2620\ufe0fCVEploiter v1.0.0.0\n\nAdvanced software to exploit cve-2024 vulnerabilities.\n\nCVE-2024-25600 - Wordpress - Bricks < Remote Code Execution [RCE]\n\nCVE-2024-1210 -  Wordpress - LearnDash LMS < Sensitive Information Exposure [SIE]\n\nCVE-2024-21644 - pyLoad - Flask Config < Access Control [AC]\n\nCVE-2024-0713 - Monitorr Services Configuration - Spawn Webshell [SW]\n\n\u2708\ufe0fEnjoy", "creation_timestamp": "2025-03-05T23:29:05.000000Z"}, {"uuid": "2461ecc0-0fcf-484d-b15a-34846134f1c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/3Lc7ABk1zYsfIgBesKJ9-OEpNRQve6TOzYHRZGKUDUi5_uRi", "content": "", "creation_timestamp": "2024-02-28T21:53:23.000000Z"}, {"uuid": "1e178a9d-6351-4cf3-b015-74ce50ed6765", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "https://t.me/h0rn3t_sp1d3rs/494", "content": "\u2668\ufe0f YOU NEED ? \n\n\u2705 Advanced software to exploit cve-2024 vulnerabilities.\n\n\u27a1\ufe0f CVE-2024-25600 - Wordpress - Bricks < Remote Code Execution [RCE] \n\n\u27a1\ufe0f CVE-2024-1210 -\u00a0 Wordpress - LearnDash LMS < Sensitive Information Exposure [SIE] \n\n\u27a1\ufe0f CVE-2024-21644 - pyLoad - Flask Config < Access Control [AC] \n\n\u27a1\ufe0f CVE-2024-0713 - Monitorr Services Configuration - Spawn Webshell [SW] \n \n\ud83d\uded2 Dm @h0rn3t_sp1d3r \u2708\ufe0f", "creation_timestamp": "2024-03-18T19:56:23.000000Z"}, {"uuid": "c199a92e-a112-43a7-af4f-78b017d39c60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/166", "content": "Tools - Hackers Factory\n\nA Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidden elements and enable disabled elements. \n\nhttps://github.com/xnl-h4ck3r/XnlReveal\n\nBurp Extension to find potential endpoints, parameters, and generate a custom target wordlist \n\nhttps://github.com/xnl-h4ck3r/GAP-Burp-Extension\n\nFinds graphql queries in javascript files \n\nhttps://github.com/xssdoctor/graphqlMaker\n\nApache HugeGraph Server RCE Scanner ( CVE-2024-27348 ) \n\nhttps://github.com/Zeyad-Azima/CVE-2024-27348\n\nUnauthenticated Remote Code Execution \u2013 Bricks <= 1.9.6 \n\nhttps://github.com/Chocapikk/CVE-2024-25600\n\nA good collection with browser exploit CTF challenges. Please feel free to share if there is additional. Thank you all.\n\nhttps://github.com/exd0tpy/CTF-browser-challenges?tab=readme-ov-file\n\nhttps://github.com/m1ghtym0/browser-pwn\n\nhttps://github.com/De4dCr0w/Browser-pwn\n\nOracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability \n\nhttps://github.com/mansk1es/CVE-2024-21111\n\nA Hex Editor for Reverse Engineers, Programmers\n\nhttps://github.com/WerWolv/ImHex\n\nLocal & remote Windows DLL Proxying \n\nhttps://github.com/synacktiv/DLHell\n\n#HackersFactory", "creation_timestamp": "2024-06-17T14:09:47.000000Z"}, {"uuid": "f4d2a709-6858-43e9-9fb2-c4422871b57c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/LockBitRaasRansomware/13179", "content": "CVE-2024-25600 wordpress Exploit (RCE)\n\n- Hole in Bricks plugin Builder\n\n- requirements:\nalive_progress\nbs4\nprompt_toolkit\nrequests\nrich\n\n\n#RCE #wordpress", "creation_timestamp": "2024-04-02T02:01:38.000000Z"}, {"uuid": "51a4b900-9fee-467a-b840-20f42932f30e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/LockBitRaasRansomware/14040", "content": "CVE-2024-25600 wordpress Exploit (RCE)\n*\n\u0414\u044b\u0440\u0430 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 Bricks Builder\n*\nrequirements:\nalive_progress\nbs4\nprompt_toolkit\nrequests\nrich\n*\n\n#RCE #wordpress", "creation_timestamp": "2024-04-02T08:29:39.000000Z"}, {"uuid": "0c4fca99-3275-47d7-b209-014062ea67bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/LockBitRaasRansomware/10405", "content": "CVE-2024-25600 wordpress Exploit (RCE)\n\n- Hole in Bricks plugin Builder\n\n- requirements:\nalive_progress\nbs4\nprompt_toolkit\nrequests\nrich\n\n\n#RCE #wordpress", "creation_timestamp": "2024-04-02T00:58:33.000000Z"}, {"uuid": "e78cde13-76be-4e14-abac-01ef380f594c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/TJyTqjGuKoeyQsqJBRghKspB6mZD1yySHXwgvIUIoB3qUVs", "content": "", "creation_timestamp": "2025-03-31T11:00:06.000000Z"}, {"uuid": "f558c35f-6f9b-4328-bfcd-e9f37765ce2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/bads_community/1595", "content": "If You Want Private Tools For Good Result DM: Click me\nJoin and Share https://t.me/six5zeroexploit", "creation_timestamp": "2024-12-01T19:17:55.000000Z"}, {"uuid": "34e87e2b-328f-452f-bcd4-3f91db7d5eab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/Ls7zoxtL1ogCq0HrQm0aHYF9I83EKGM--uxzxqG4JVc1G9E", "content": "", "creation_timestamp": "2025-04-10T21:00:06.000000Z"}, {"uuid": "a1699cc9-887c-459e-9d84-354c619d2f60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/sU-jNaPMtLGhQJIUlK_Y1eVeodJiHQnKe9p9PX30oKjDADc", "content": "", "creation_timestamp": "2025-01-29T12:30:50.000000Z"}, {"uuid": "45a97918-853d-4f58-9870-eab27850428a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/bads_community/70645", "content": "If You Want Private Tools For Good Result DM: Click me\nJoin and Share https://t.me/six5zeroexploit", "creation_timestamp": "2024-12-01T19:17:55.000000Z"}, {"uuid": "26e7c9f3-bf7e-4d3a-9ade-37ad90ed9ba6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/P-MMRzhkWfYVd_dumlZOPnB40IKywh2dEVqz_apUhr1-c7M", "content": "", "creation_timestamp": "2026-01-04T15:00:07.000000Z"}, {"uuid": "3b5627c1-5b3d-493e-9cb1-dd42de54794d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6655", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aThis tool checks for the CVE-2024-25600 vulnerability in WordPress sites by sending a specific POST request and analyzing the response.\nURL\uff1ahttps://github.com/h0tak88r/CVE-2024-25600\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-22T00:05:41.000000Z"}, {"uuid": "5078ee84-6477-423f-975b-40d76411d1e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6654", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aThis tool checks for the CVE-2024-25600 vulnerability in WordPress sites by sending a specific POST request and analyzing the response.\nURL\uff1ahttps://github.com/h0tak88r/CVE-2024-25600checker\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-21T23:24:25.000000Z"}, {"uuid": "33fdf97a-e34f-48ae-bb16-660b9511664c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6698", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aA PoC exploit for CVE-2024-25600 - WordPress Bricks Builder Remote Code Execution (RCE)\nURL\uff1ahttps://github.com/K3ysTr0K3R/CVE-2024-25600-EXPLOIT\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-03-01T09:53:14.000000Z"}, {"uuid": "6471b3de-ca35-4c95-8915-ab11c7e31ec4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/30394", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aUnauthenticated RCE exploit for CVE-2024-25600 in WordPress Bricks Builder <= 1.9.6. Executes arbitrary code remotely.\nURL\uff1ahttps://github.com/Karitosmuan/Office-Exploit-Cve2025-Xml-Doc-Docx-Rce-Builder-Fud\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-04-07T17:46:40.000000Z"}, {"uuid": "0629d67a-7857-4da1-b2fb-cb92436f208f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/45430", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aPoC for CVE-2024-25600 (Bricks Builder RCE) \u2014 educational use only\nURL\uff1ahttps://github.com/frankfm-labs/bricks-rce\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-07-26T09:40:46.000000Z"}, {"uuid": "6057f739-5b0f-4dbf-8196-4abf69030688", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/NinjaSec/201", "content": "\ud83d\udd27 CVE Exploitation Tools (2024\u20132025)\n\n1. CVE-2024-25600 \u2013 WordPress Bricks Builder RCE\n\n2. CVE-2024-24919 \u2013 Check Point Security Gateway RCE\n\n3. CVE-2024-29025 \u2013 Netty HttpPostRequestDecoder DoS\n\n4. CVE-2024-21525 \u2013 node-twain Buffer Overflow\n\n5. CVE-2024-3094 \u2013 XZ Backdoor Detector\n\n6. CVE-2024-21515 \u2013 OpenCart Reflected XSS\n\n7. CVE-2024-21552 \u2013 SuperAGI Arbitrary Code Execution\n\n8. CVE-2024-56249 \u2013 WordPress WPMasterToolKit Arbitrary File Upload\n\n9. CVE-2024-24919 \u2013 Check Point VPN Exploit\n\n10. CVE-2024-24919 \u2013 Python Exploit Script\n\nPython script to exploit CVE-2024-24919 vulnerability.\n\nGitHub: LucasKatashi/CVE-2024-24919\n\n11. CVE-2024-24919 \u2013 Exploit PoC\n\nProof-of-Concept for exploiting CVE-2024-24919.\n\nGitHub: seed1337/CVE-2024-24919-POC\n\n12. CVE-2024-24919 \u2013 Check Point Remote Access VPN Exploit\n\nScripts to exploit CVE-2024-24919 in Check Point VPNs.\n\nGitHub: Praison001/CVE-2024-24919-Check-Point-Remote-Access-VPN\n\n13. CVE-2024-25600 \u2013 Alternate Exploit Script\n\nAnother implementation to exploit Bricks Builder RCE.\n\nGitHub: meli0dasH4ck3r/cve-2024-25600\n\n14. CVE-2024-25600 \u2013 Exploit Script\n\nPython script to exploit Bricks Builder RCE vulnerability.\n\nGitHub: K3ysTr0K3R/CVE-2024-25600-EXPLOIT \n\n\n\ud83d\udd27 CVE Exploitation Tools & Frameworks\n\n1. trickest/cve\n\n\ud83d\udd17 https://github.com/trickest/cve\n\n2. PayloadsAllTheThings \u2013 CVE Exploits\n\n\ud83d\udd17 https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/CVE%20Exploits/README.md\n\n3. qazbnm456/awesome-cve-poc\n\n\ud83d\udd17 https://github.com/qazbnm456/awesome-cve-poc\n\n4. intel/cve-bin-tool\n\n\ud83d\udd17 https://github.com/intel/cve-bin-tool\n\n5. cve-search/cve-search\nN\n\n\ud83d\udd17 https://github.com/cve-search/cve-search\n\n6. vertoforce/CVE-Enrichment\n\n\ud83d\udd17 https://github.com/vertoforce/CVE-Enrichment\n\n7. TURROKS/CVE_Prioritizer\n\n\ud83d\udd17 https://github.com/TURROKS/CVE_Prioritizer\n\n8. clearlinux/cve-check-tool\n\n\ud83d\udd17 https://github.com/clearlinux/cve-check-tool\n\n9. cddmp/cvecheck\n\n\ud83d\udd17 https://github.com/cddmp/cvecheck\n\n10. center-for-threat-informed-defense/attack_to_cve\n\nMaps MITRE ATT&CK techniques to CVEs to characterize vulnerability impacts.\n\n\ud83d\udd17 https://github.com/center-for-threat-informed-defense/attack_to_cve\n\n\n\ud83e\uddea Specific CVE Exploit Tools\n\n11. CVE-2024-25600 Exploit Tool\n\nDesigned to exploit a vulnerability in the Bricks Builder plugin for WordPress.\n\n\ud83d\udd17 https://github.com/Chocapikk/CVE-2024-25600\n\n12. RevoltSecurities/CVE-2024-24919\n\nTool to detect and exploit CVE-2024-24919 vulnerability.\n\n\ud83d\udd17 https://github.com/RevoltSecurities/CVE-2024-24919\n\n13. ROCA Detection Tool\n\nDetects RSA keys vulnerable to the ROCA vulnerability (CVE-2017-15361).\n\n\ud83d\udd17 https://github.com/crocs-muni/roca\n\n\ud83d\udee0\ufe0f Additional Tools & Resources\n\n14. Goby\n\nA network security assessment tool that can scan for vulnerabilities and map attack surfaces.\n\n\ud83d\udd17 https://github.com/gobysec/Goby\n\n15. awesome-pentestu\n\nA curated list of penetration testing resources, including tools for CVE exploitation.\n\n\ud83d\udd17 https://github.com/enaqx/awesome-pentest\n\n16. awesome-bugbounty-tools\n\nA collection of tools useful for bug bounty hunting, some of which relate to CVE exploitation.\n\n\ud83d\udd17 https://github.com/vavkamil/awesome-bugbounty-tools\n\n17. cyberguideme/Tools\n\nA repository of various cybersecurity tools, including those for exploiting known vulnerabilities.\n\n\ud83d\udd17 https://github.com/cyberguideme/Tools\n\n\n#GrayHats", "creation_timestamp": "2025-04-18T19:33:22.000000Z"}, {"uuid": "ade14ab5-198d-46b1-a2e1-fbcd321d9498", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/AkbAC4XDrj3UInDaif1C5PfX8SBa-p7KQxfgcU9zSj6-koI", "content": "", "creation_timestamp": "2025-07-10T23:00:10.000000Z"}, {"uuid": "306af8a6-e4f3-4b36-a593-9a142ee077c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/gqJKWC_VHFkqVqMscxpsv6caAfESbMFCUNnFjr9DEzVpA70", "content": "", "creation_timestamp": "2024-11-21T05:40:12.000000Z"}, {"uuid": "f8f476a2-966d-4213-b822-3ce95606e844", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/1hMFFzMWhopM_0_coaMBW3oWeyWVeRTpFrQl9n1kDXx6ftc", "content": "", "creation_timestamp": "2024-11-20T04:23:34.000000Z"}, {"uuid": "38b9ab1b-0e2e-4cec-b5bf-4cd305634387", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/VxSrgeL48yKp02CyiYpIqcnEIbtx1Ywy5vYO9mdisTJFaA", "content": "", "creation_timestamp": "2024-02-22T08:35:34.000000Z"}, {"uuid": "6f722228-4085-4cca-9858-c1ff7b19f6af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "Telegram/0OMxSfo6PWHdjqJAd6WogyTJvQRKY_lhNy48UYmllxPrrA", "content": "", "creation_timestamp": "2025-04-05T11:26:50.000000Z"}, {"uuid": "990703fd-91f8-4102-b9f8-5e2c3780b541", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/NrROz3PLgLjm1yNyKdm0JYhL-rJbXyYe5lEvfpGovq1wpw", "content": "", "creation_timestamp": "2024-02-26T17:03:11.000000Z"}, {"uuid": "5defe047-fc89-4b60-b58f-141accc48f79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/9Gc35rFYl0_wc5UEVG_8E25HmrlSb2BZ4gMAYYIl4lrO8w", "content": "", "creation_timestamp": "2024-02-25T16:59:19.000000Z"}, {"uuid": "a36e2230-97b5-4650-ac05-00974e021820", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/uCNHbla3Hgr0AIydo3NI7uAirjRk7mco7B-ii02p-2oCYA", "content": "", "creation_timestamp": "2024-02-22T06:49:47.000000Z"}, {"uuid": "cc9cc71b-4a0a-4170-b9a4-a751483f62b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/b_V-8qurzY6ukEH6ykDcErFY2uOudAwFj7pXbB8_wXsf838", "content": "", "creation_timestamp": "2024-04-02T02:01:36.000000Z"}, {"uuid": "a896dbe1-3ec3-4492-8855-ebcb92be85ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/3xvIGFXlsI2CMNfyhKEZRyRs-JQsCAIEhoYg4225TbCKzAc", "content": "", "creation_timestamp": "2024-03-01T01:01:15.000000Z"}, {"uuid": "5f346469-45ef-407d-902a-1692314b557e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "exploited", "source": "Telegram/aU6_8DCaXf2Z_C0XWCMUtFJhml6VR9eMhGZd2HLdY2QtyQ", "content": "", "creation_timestamp": "2024-02-20T11:20:32.000000Z"}, {"uuid": "7289835e-b165-47cb-8add-29dd84bdcc5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/957", "content": "https://github.com/punk-security/dnsReaper\n\nCVEMap\n\n\u0627\u0633\u062a\u0643\u0634\u0641 \u063a\u0627\u0628\u0629 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0648\u0627\u0644\u062a\u0639\u0631\u0636\u0627\u062a \u0627\u0644\u0645\u0634\u062a\u0631\u0643\u0629 (CVE) \u0628\u0633\u0647\u0648\u0644\u0629 \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 CVEMap\u060c \u0623\u062f\u0627\u0629 \u0648\u0627\u062c\u0647\u0629 \u0633\u0637\u0631 \u0627\u0644\u0623\u0648\u0627\u0645\u0631 (CLI) \u0645\u0635\u0645\u0645\u0629 \u0644\u062a\u0648\u0641\u064a\u0631 \u0648\u0627\u062c\u0647\u0629 \u0645\u0646\u0638\u0645\u0629 \u0648\u0633\u0647\u0644\u0629 \u0627\u0644\u062a\u0635\u0641\u062d \u0644\u0645\u062e\u062a\u0644\u0641 \u0642\u0648\u0627\u0639\u062f \u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u062b\u063a\u0631\u0627\u062a.\n\n[\u0631\u0627\u0628\u0637 \u0627\u0644\u0645\u0634\u0631\u0648\u0639 \u0639\u0644\u0649 GitHub](https://github.com/projectdiscovery/cvemap)\n\nMetaHub\n\nMetaHub \u0647\u0648 \u0623\u062f\u0627\u0629 \u062a\u062d\u0633\u064a\u0646 \u0648\u062a\u0642\u064a\u064a\u0645 \u062a\u0623\u062b\u064a\u0631 \u0627\u0644\u0646\u062a\u0627\u0626\u062c \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0627\u0644\u0633\u064a\u0627\u0642\u064a\u0629 \u0648\u0627\u0644\u0645\u0633\u062a\u0646\u062f\u0629 \u0625\u0644\u0649 \u0627\u0644\u0633\u064a\u0627\u0642 \u062a\u0644\u0642\u0627\u0626\u064a\u064b\u0627 \u0644\u0625\u062f\u0627\u0631\u0629 \u0627\u0644\u062b\u063a\u0631\u0627\u062a.\n\n[\u0631\u0627\u0628\u0637 \u0627\u0644\u0645\u0634\u0631\u0648\u0639 \u0639\u0644\u0649 GitHub](https://github.com/gabrielsoltz/metahub)\n\nCLZero\n\n\u0645\u0634\u0631\u0648\u0639 \u0645\u062e\u0635\u0635 \u0644\u0627\u062e\u062a\u0628\u0627\u0631 \u0627\u0644\u062a\u0634\u0648\u064a\u0634 (Fuzzing) \u0639\u0644\u0649 HTTP/1.1 CL.0 \u0644\u0627\u0633\u062a\u0643\u0634\u0627\u0641 \u0647\u062c\u0645\u0627\u062a \u062a\u0634\u0648\u064a\u0634 \u0627\u0644\u0637\u0644\u0628\u0627\u062a.\n\n[\u0631\u0627\u0628\u0637 \u0627\u0644\u0645\u0634\u0631\u0648\u0639 \u0639\u0644\u0649 GitHub](https://github.com/Moopinger/CLZero)\n\nSQLi_Sleeps\n\n\u0647\u0648 \u0633\u0643\u0631\u0628\u062a \u0628\u0633\u064a\u0637 \u064a\u062a\u064a\u062d \u0627\u0644\u0639\u062b\u0648\u0631 \u0639\u0644\u0649 \u062b\u063a\u0631\u0627\u062a SQLi \u0648\u0627\u0644\u062d\u0635\u0648\u0644 \u0639\u0644\u0649 \u0648\u0642\u062a \u0627\u0644\u0627\u0633\u062a\u062c\u0627\u0628\u0629 \u0627\u0644\u0630\u064a \u064a\u0632\u064a\u062f \u0639\u0646 20 \u062b\u0627\u0646\u064a\u0629 \u0641\u064a \u0627\u0644\u0645\u062a\u0648\u0633\u0637 \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u062d\u0642\u0646 \u0642\u0627\u0626\u0645\u0629 \u0639\u0644\u0649 \u0627\u0644\u0648\u0642\u062a.\n\n[\u0631\u0627\u0628\u0637 \u0627\u0644\u0645\u0634\u0631\u0648\u0639 \u0639\u0644\u0649 GitHub](https://github.com/HernanRodriguez1/SQLi_Sleeps)\n\n\u0645\u0634\u0631\u0648\u0639 GitHub - p1radup: \u0645\u0639\u0627\u0644\u062c\u0629 \u0639\u0646\u0627\u0648\u064a\u0646 \u0627\u0644\u0648\u064a\u0628 \u0648\u0625\u0632\u0627\u0644\u0629 \u0645\u0639\u0644\u0645\u0627\u062a \u0627\u0644\u0627\u0633\u062a\u0639\u0644\u0627\u0645 \u0627\u0644\u0645\u0643\u0631\u0631\u0629.\n\nhttps://github.com/iambouali/p1radup\n\n\u0625\u062b\u0628\u0627\u062a \u0627\u0644\u0645\u0641\u0647\u0648\u0645 \u0627\u0644\u0645\u0632\u064a\u0641 CVE-2023-40477 \u064a\u0624\u062f\u064a \u0625\u0644\u0649 VenomRAT\n\n\u064a\u0647\u062f\u0641 PoC \u0625\u0644\u0649 \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u062b\u063a\u0631\u0629 WinRAR:\nLink\n\nPoC + Nuclei + Query CVE-2024-25600 Unauth RCE - WordPress Bricks - 1.9.6 CVSS 9.8\n\nQuery Fofa: body=\"/wp-content/themes/bricks/\"\n\nPOC \n\nNuclei\n\nGitHub - iambouali/p1radup: \u064a\u0639\u0645\u0644 \u0639\u0644\u0649 \u0645\u0639\u0627\u0644\u062c\u0629 \u0639\u0646\u0627\u0648\u064a\u0646 \u0627\u0644\u0648\u064a\u0628 \u0648\u0625\u0632\u0627\u0644\u0629 \u0645\u0639\u0644\u0645\u0627\u062a \u0627\u0644\u0627\u0633\u062a\u0639\u0644\u0627\u0645 \u0627\u0644\u0645\u0643\u0631\u0631\u0629.\n\nhttps://github.com/iambouali/p1radup\n\n\u0645\u0631\u0627\u062c\u0639\u0629: \u0642\u0631\u0627\u0621\u0629 \u062a\u062c\u0631\u0628\u0629 \u0645\u062e\u062a\u0635\u0631\u0629 \u062d\u0648\u0644 \u0627\u062e\u062a\u0631\u0627\u0642 \u0627\u0644\u0623\u0645\u0627\u0646 \u0645\u0646 \u0642\u0628\u0644 \u062e\u0628\u0631\u0627\u0621\n\nhttps://www.hackerone.com/penetration-testing/pentester-ama-recap\n\n\u0631\u0648\u0627\u0628\u0637 \u0639\u0645\u064a\u0642\u0629 \u0648\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u0648\u0627\u062c\u0647\u0627\u062a \u0627\u0644\u0648\u064a\u0628: \u0627\u0644\u062c\u0632\u0621 \u0627\u0644\u0623\u0648\u0644\n\nhttps://medium.com/@justmobilesec/deep-links-webviews-exploitations-part-i-452e8aad124f\n\n\u0628\u0633\u0647\u0648\u0644\u0629\u060c \u0642\u0645 \u0628\u0627\u0644\u062a\u0631\u0642\u064a\u0629 \u0625\u0644\u0649 \u0643\u0644\u0645\u0627\u062a \u0627\u0644\u0645\u0631\u0648\u0631 \u0639\u0644\u0649 \u0647\u0648\u0627\u062a\u0641 Pixel \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0645\u062f\u064a\u0631 \u0643\u0644\u0645\u0627\u062a \u0627\u0644\u0645\u0631\u0648\u0631 \u0645\u0646 Google\n\nhttp://security.googleblog.com/2024/01/upgrade-to-passkeys-on-pixel-with-google-password-manager.html", "creation_timestamp": "2024-06-06T23:32:16.000000Z"}, {"uuid": "c47a6a5a-26b9-47c3-913d-98efcc2bcd59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/1089", "content": "PoC + Nuclei + Query CVE-2024-25600 Unauth RCE - WordPress Bricks - 1.9.6 CVSS 9.8\n\nQuery Fofa: body=\"/wp-content/themes/bricks/\"\n\nPOC \n\nNuclei", "creation_timestamp": "2024-03-29T18:27:13.000000Z"}, {"uuid": "cfe777e7-186e-4388-9c37-28eb33060df0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/jj_8tl/93", "content": "\u200fPoC + Nuclei + Query CVE-2024-25600 Unauth RCE - WordPress Bricks <= 1.9.6 CVSS 9.8\n\n\u200fQuery Fofa: body=\"/wp-content/themes/bricks/\"\n\u200fPoC: https://github.com/Chocapikk/CVE-2024-25600\n\u200fNuclei: https://github.com/Christbowel/CVE-2024-25600_Nuclei-Template", "creation_timestamp": "2024-11-24T14:30:16.000000Z"}, {"uuid": "950a47d0-3575-4242-9053-9e25b8e1513d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/CJmFT6wWP8hLCeafID4PJgNgBeG8WsrBkwaCNkE-jky7a4Ck", "content": "", "creation_timestamp": "2024-11-20T05:23:34.000000Z"}, {"uuid": "8ecefd81-9a3e-43d2-86cd-8476a2f2491c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/5XHTgFlg5RUBWwDQuv4LNeXcU46_RpBEV0icr5HMzVkKv9yI", "content": "", "creation_timestamp": "2024-11-21T06:40:12.000000Z"}, {"uuid": "017e7cba-8def-4619-bbbd-22e8622ae218", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/AGENTZSECURITY/1253", "content": "https://github.com/toramanemre/log4j-rce-detect-waf-bypass\nhttps://github.com/trickest/log4j\nhttps://github.com/twseptian/custom-nuclei-templates\nhttps://github.com/umityn/my-nuclei-templates\nhttps://github.com/v3l4r10/Nuclei-Templates\nhttps://github.com/valaDevs/env-js-nuclei\nhttps://github.com/valaDevs/nuclei-backupfile-finder\nhttps://github.com/vidocsecurity/templates\nhttps://github.com/vishal12300/all_nuclei_templatess\nhttps://github.com/vsh00t/nuclei-templates\nhttps://github.com/vulnspace/nuclei-templates\nhttps://github.com/wasp76b/nuclei-templates\nhttps://github.com/wearetyomsmnv/llm_integrated_nuclei_templates\nhttps://github.com/websecresearch/nucleirecordloginsession\nhttps://github.com/windyGarlic/my-nuclei-templates\nhttps://github.com/windyGarlic/nuclei-templates\nhttps://github.com/wr00t/templates\nhttps://github.com/xelemental/Nuclei-Templates\nhttps://github.com/xinZa1/template\nhttps://github.com/xjhonly/nuclei-templates\nhttps://github.com/yarovit-developer/nuclei-templates\nhttps://github.com/yavolo/nuclei-templates\nhttps://github.com/z3bd/nuclei-templates\nhttps://github.com/zer0yu/Open-PoC\nhttps://github.com/zinminphyo0/KozinTemplates\nhttps://github.com/zodmagus/z0ds3c-Nuclei-Templates\nhttps://github.com/Christbowel/CVE-2024-25600_Nuclei-Template\nhttps://github.com/0xr2r/templates-nucleir2r\nhttps://github.com/al00000000al/my_nuclei_templates\nhttps://github.com/JohnDoeAnonITA/NucleiTemplatePRV\nhttps://github.com/emo-crab/scap-rs\nhttps://github.com/blackvitasoy/nuclei_templates\nhttps://github.com/BattalFaikAktas/custom-nuclei-templates\nhttps://github.com/0xc4sper0/Nuclei-templates\nhttps://github.com/abletsoff/custom-nuclei-templates\nhttps://github.com/rzizah/private-nuclei-template\nhttps://github.com/0xPugal/my-nuclei-templates\nhttps://github.com/jhonnybonny/nuclei-templates-bitrix\nhttps://github.com/Anja-dhnd/templates4nuclei\nhttps://github.com/andersonmv/Nuclei_Templates\nhttps://github.com/pushpak-11/nuclei-templates\nhttps://github.com/chudamax/custom_nuclei_templates\nhttps://github.com/emadshanab/nuclei-bitrix-templates\nhttps://github.com/Sachinart/manual-nuclei-templates\nhttps://github.com/exploit-io/nuclei-fuzz-templates\nhttps://github.com/hackersupcoming/Nuclei_Templates\nhttps://github.com/DiabloHTB/Nuclei-Template-CVE-2024-1561\nhttps://github.com/niranc/Nuclei-personal-templates\nhttps://github.com/Loftven/BIZONE_WAF_DETECt\nhttps://github.com/YashVardhanTrip/nuclei-templates-initial-access\nhttps://github.com/Saitle/Yamilicious\nhttps://github.com/SalehLardhi/nuclei-wp-config-php\nhttps://github.com/c3rrberu5/CVE-2024-24919\nhttps://github.com/0x20c/CVE-2024-4577-nuclei\nhttps://github.com/xungzzz/CVE-2024-4956\nhttps://github.com/ZephrFish/CVE-2024-4577-PHP-RCE\nhttps://github.com/Term1N8/nuclei-templates\nhttps://github.com/KhukuriRimal/CustomNucleiTemplates\nhttps://github.com/stuxctf/nuclei-templates-stux\nhttps://github.com/megamindmeg/Templates\nhttps://github.com/TolgaTD/Nuclei-Custom-Templates\nhttps://github.com/adibarsyad/nuclei-ios\nhttps://github.com/Sysc4ll3r/CVE-2024-4577\nhttps://github.com/adibarsyad/nuclei-jsp-source-code-review\nhttps://github.com/edoardottt/RFDos-Scanner\nhttps://github.com/banditzCyber0x/template\nhttps://github.com/sardine-web/polaris-web-reflected-xss.git\nhttps://github.com/Josekutty-K/nuclei-templates\nhttps://github.com/Mamilate/3-Nuclei-Templates\nhttps://github.com/ReksySec/3Nucleit-Templates\nhttps://github.com/Mohsenalmamun/Nuclei-Template\nhttps://github.com/K3ysTr0K3R/Custom-Nuclei-Templates\nhttps://github.com/br0wnst4n11/Custom_Nuclei_Templates\nhttps://github.com/juanschallibaum/CVE-2024-38473-Nuclei-Template\nhttps://github.com/fa-rrel/Nuclei-templates-xd \nhttps://github.com/superhexa/nuclei-templates\nhttps://github.com/ts4rin4/templates4nuclei\nhttps://github.com/jhonnybonny/nuclei-templates", "creation_timestamp": "2025-04-22T02:52:22.000000Z"}, {"uuid": "ec0363ce-183b-4120-a8ff-2a7934ead283", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/AGENTZSECURITY/1247", "content": "https://github.com/exploit-io/nuclei-fuzz-templates\nhttps://github.com/yashrupavatiya26/custom-nuclei-template\nhttps://github.com/ts4rin4/templates4nuclei\nhttps://github.com/Caddyshack2175/nuclei-custom-templates\nhttps://github.com/0xr2r/templates-nucleir2r\nhttps://github.com/pushpak-11/customTemplates\nhttps://github.com/Christbowel/CVE-2024-25600_Nuclei-Template\nhttps://github.com/Shakilll/my_nuclei_templates\nhttps://github.com/xjhonly/nuclei-templates\nhttps://github.com/0x71rex/0-Nuclei-Templates\nhttps://github.com/0xPugal/my-nuclei-templates\nhttps://github.com/damon-sec/TCSZ-Nuclei\nhttps://github.com/qaisarafridi/MY-Nuclei-Templates\nhttps://github.com/badboycxcc/CVE-2023-24100\nhttps://github.com/umityn/my-nuclei-templates\nhttps://github.com/0xKayala/Custom-Nuclei-Templates\nhttps://github.com/thanhnx9/nuclei-templates-cutomer\nhttps://github.com/VulnExpo/nuclei-templates\nhttps://github.com/mdsabbirkhan/0xPugazh-my-nuclei-templates\nhttps://github.com/vulnspace/nuclei-templates\nhttps://github.com/microphone-mathematics/custom-nuclei-templates\nhttps://github.com/praetorian-inc/zeroqlik-detect\nhttps://github.com/hackerhijeck/Fuzzing_with_nuclei\nhttps://github.com/valaDevs/nuclei-backupfile-finder\nhttps://github.com/reewardius/interested-nuclei-templates\nhttps://github.com/zodmagus/z0ds3c-Nuclei-Templates\nhttps://github.com/Mr-xn/CVE-2023-23333\nhttps://github.com/bug-vs-me/WPML-XSS\nhttps://github.com/sudouday/nuclei-templates\nhttps://github.com/cyberheartmi9/Proxyshell-Scanner\nhttps://github.com/numanturle/CVE-2022-41040\nhttps://github.com/numanturle/Log4jNuclei\nhttps://github.com/CharanRayudu/Custom-Nuclei-Templates\nhttps://github.com/daffainfo/my-nuclei-templates\nhttps://github.com/thebrnwal/Content-Injection-Nuclei-Script\nhttps://github.com/ree4pwn/my-nuclei-templates\nhttps://github.com/peanuth8r/Nuclei_Templates\nhttps://github.com/pikpikcu/nuclei-templates\nhttps://github.com/esetal/nuclei-bb-templates\nhttps://github.com/ARPSyndicate/kenzer-templates\nhttps://github.com/medbsq/ncl\nhttps://github.com/notnotnotveg/nuclei-custom-templates\nhttps://github.com/clarkvoss/Nuclei-Templates\nhttps://github.com/z3bd/nuclei-templates\nhttps://github.com/peanuth8r/Nuclei_Templates\nhttps://github.com/thebrnwal/Content-Injection-Nuclei-Script\nhttps://github.com/ree4pwn/my-nuclei-templates\nhttps://github.com/im403/nuclei-temp\nhttps://github.com/System00-Security/backflow\nhttps://github.com/geeknik/nuclei-templates-1\nhttps://github.com/geeknik/the-nuclei-templates\nhttps://github.com/optiv/mobile-nuclei-templates\nhttps://github.com/obreinx/nuceli-templates\nhttps://github.com/randomstr1ng/nuclei-sap-templates\nhttps://github.com/CharanRayudu/Custom-Nuclei-Templates\nhttps://github.com/n1f2c3/mytemplates\nhttps://github.com/kabilan1290/templates\nhttps://github.com/smaranchand/nuclei-templates\nhttps://github.com/Saimonkabir/Nuclei-Templates\nhttps://github.com/yavolo/nuclei-templates\nhttps://github.com/sadnansakin/my-nuclei-templates\nhttps://github.com/5cr1pt/templates\nhttps://github.com/rahulkadavil/nuclei-templates\nhttps://github.com/shifa123/detections\nhttps://github.com/daffainfo/my-nuclei-templates\nhttps://github.com/javaongsan/nuclei-templates\nhttps://github.com/AshiqurEmon/nuclei_templates\nhttps://gist.github.com/ResistanceIsUseless/e46848f67706a8aa1205c9d2866bff31\nhttps://github.com/NitinYadav00/My-Nuclei-Templates\nhttps://github.com/sharathkramadas/k8s-nuclei-templates\nhttps://github.com/securitytest3r/nuclei_templates_work\nhttps://github.com/MR-pentestGuy/nuclei-templates\nhttps://github.com/thelabda/nuclei-templates\nhttps://github.com/1in9e/my-nuclei-templates\nhttps://github.com/redteambrasil/nuclei-templates\nhttps://github.com/Saptak9983/Nuclei-Template\nhttps://github.com/Harish4948/Nuclei-Templates\nhttps://github.com/R-s0n/Custom_Vuln_Scan_Templates", "creation_timestamp": "2025-04-22T02:52:21.000000Z"}, {"uuid": "65545692-8607-4b5f-b09c-41342af07350", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/AGENTZSECURITY/1246", "content": "https://github.com/szybnev/nuclei-custom\nhttps://github.com/microphone-mathematics/custom-nuclei-templates\nhttps://github.com/wearetyomsmnv/llm_integrated_nuclei_templates\nhttps://github.com/valaDevs/nuclei-backupfile-finder\nhttps://github.com/imhunterand/nuclei-custom-templates\nhttps://github.com/HernanRodriguez1/ScanReflectedSSTI\nhttps://github.com/praetorian-inc/zeroqlik-detect\nhttps://github.com/anmolksachan/nuclei-templates\nhttps://github.com/kernel-krunch/nuclei-templates\nhttps://github.com/schooldropout1337/nuclei-templates\nhttps://github.com/reewardius/nuclei-templates\nhttps://github.com/Dalaho-bangin/my_nuclei_templates\nhttps://github.com/reewardius/nuclei-special-templates\nhttps://github.com/nicholasaleks/NucleiGPT\nhttps://github.com/Tykerdestroy/Bug-bounty-custom-templates\nhttps://github.com/Mr-B0hl00l/nuclei-templates\nhttps://github.com/zerbaliy3v/custom-nuclei-templates\nhttps://github.com/bhataasim1/PersonalTemplates.git\nhttps://github.com/themastersunil/nucleiDB\nhttps://github.com/Linuxinet/nuclei-templates\nhttps://github.com/Aituglo/nuclei-templates\nhttps://github.com/0XParthJ/Nuclei-Templates\nhttps://github.com/JoshMorrison99/url-based-nuclei-templates\nhttps://github.com/pikpikcu/my-nuclei-templates\nhttps://github.com/SirBugs/Priv8-Nuclei-Templates\nhttps://github.com/projectdiscovery/nuclei-templates\nhttps://github.com/Linuxinet/mobile-nuclei-templates\nhttps://github.com/thelabda/labdanuclei\nhttps://github.com/mosesrenegade/nuclei-templates\nhttps://github.com/kh4sh3i/nuclei-templates\nhttps://github.com/projectdiscovery/fuzzing-templates\nhttps://github.com/PedroF-369/nuclei_templates\nhttps://github.com/0x727/ObserverWard\nhttps://github.com/0xSojalSec/nuclei-templates-websphere-portal-preauth-ssrf\nhttps://github.com/0xSojalSec/Nuclei-TemplatesNuclei-Templates-CVE-2017-17736\nhttps://github.com/0xSojalSec/kenzer-templates\nhttps://github.com/0xSojalSec/my-nuclei-templates-1\nhttps://github.com/0xSojalSec/nuclei-templates-5\nhttps://github.com/0xSojalSec/nuclei-templates-4\nhttps://github.com/0xSojalSec/templatesallnuclei\nhttps://github.com/0xSojalSec/Nuclei-Templates-Collection\nhttps://github.com/0xSojalSec/templates-nuclei-Oracle-OAM---XSS\nhttps://github.com/0xSojalSec/Nuclei-Templates-API-Linkfinder\nhttps://github.com/0xSojalSec/nuclei_templates-SymfonyRCE\nhttps://github.com/pdelteil/BugBountyReportTemplates\nhttps://github.com/AshiqurEmon/nuclei_templates\nhttps://github.com/freakyclown/Nuclei_templates\nhttps://github.com/rix4uni/BugBountyTips\nhttps://github.com/bug-vs-me/nuclei\nhttps://github.com/themastersunil/Nuclei-TamplatesBackup\nhttps://github.com/rzizah/private-nuclei-template\nhttps://github.com/Christbowel/CVE-2024-25600_Nuclei-Template\nhttps://github.com/linuxadi/40k-nuclei-templates\nhttps://github.com/Sachinart/manual-nuclei-templates\nhttps://github.com/N-N33/Community-Nuclei-Templates\nhttps://github.com/freelancermijan/custom-nuclei-templates\nhttps://github.com/jhonnybonny/nuclei-templates-bitrix\nhttps://github.com/emadshanab/nuclei-templates25\nhttps://github.com/yueyejian13/personal-nuclei-templates\nhttps://github.com/kathuluman/Custom-Nuclei-Templates\nhttps://github.com/rahul-nakum14/Recon\nhttps://github.com/exploit-io/nuclei-fuzz-templates\nhttps://github.com/emadshanab/custom-nuclei-template-Subdomain_Takeover_Checker\nhttps://github.com/Anja-dhnd/templates4nuclei\nhttps://github.com/juanschallibaum/CVE-2024-38473-Nuclei-Template\nhttps://github.com/Sachinart/manual-nuclei-templates\nhttps://github.com/N-N33/Community-Nuclei-Templates\nhttps://github.com/freelancermijan/custom-nuclei-templates\nhttps://github.com/jhonnybonny/nuclei-templates-bitrix\nhttps://github.com/exploit-io/nuclei-templates\nhttps://github.com/yueyejian13/personal-nuclei-templates\nhttps://github.com/kathuluman/Custom-Nuclei-Templates\nhttps://github.com/rahul-nakum14/Recon", "creation_timestamp": "2025-04-22T02:52:21.000000Z"}, {"uuid": "75359c5e-8810-473e-9f40-562e70dd543b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/MoroccanCyberAliens/1245", "content": "\ud83d\udc51By Jokeir 07x\u2705\n\ud83d\udc51\u0627\u0642\u062f\u0645 \u0644\u0643\u0645 \u0633\u0643\u0631\u064a\u0628\u062a \u0644\u064a \u0641\u062d\u0635 \u0645\u0648\u0627\u0642\u0639 \u0627\u0644\u0645\u0635\u0627\u0628 \u0628\u064a \u062a\u063a\u0631\u0629 RCE CVE-2024-25600  \u2705\n\n\ud83d\udc51\u062a\u0639\u0631\u064a\u0641 \u062a\u0641\u0631\u0629    \ud83d\udc51\n\n\n\ud83d\udc51\u062a\u0645 \u062a\u0635\u0646\u064a\u0641 CVE-2024-25600 \u0636\u0645\u0646 \u062b\u063a\u0631\u0627\u062a \u0623\u0645\u0646\u064a\u0629 \u0641\u064a \u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0639\u0646 \u0628\u0639\u062f (RCE)\u060c \u0645\u0645\u0627 \u064a\u0645\u0643\u0651\u0646 \u0627\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0645\u0646 \u0627\u0644\u062a\u0644\u0627\u0639\u0628 \u0628\u0627\u0644\u062e\u0627\u062f\u0645 \u0644\u062a\u0646\u0641\u064a\u0630 \u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0628\u0631\u0645\u062c\u064a\u0629 \u0636\u0627\u0631\u0629 \u062f\u0648\u0646 \u0623\u064a \u0645\u0635\u0627\u062f\u0642\u0629. \u062a\u0633\u062a\u063a\u0644 \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u062b\u063a\u0631\u0629 \u0641\u064a \u0645\u0639\u0627\u0644\u062c\u0629 \u0627\u0644\u0628\u0631\u0646\u0627\u0645\u062c \u0627\u0644\u0625\u0636\u0627\u0641\u064a Bricks Builder \u0644\u0625\u062f\u062e\u0627\u0644 \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u060c \u0645\u0645\u0627 \u064a\u0633\u0645\u062d \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0628\u0625\u062f\u062e\u0627\u0644 \u0643\u0648\u062f PHP \u0648\u062a\u0646\u0641\u064a\u0630\u0647 \u0639\u0646 \u0628\u0639\u062f. \u064a\u0645\u0643\u0646 \u0623\u0646 \u064a\u0624\u062f\u064a \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0625\u0644\u0649 \u0627\u062e\u062a\u0631\u0627\u0642 \u0627\u0644\u0645\u0648\u0642\u0639 \u0628\u0627\u0644\u0643\u0627\u0645\u0644 \u0648\u0633\u0631\u0642\u0629 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0648\u0627\u062d\u062a\u0645\u0627\u0644 \u0627\u0646\u062a\u0634\u0627\u0631 \u0627\u0644\u0628\u0631\u0627\u0645\u062c \u0627\u0644\u0636\u0627\u0631\u0629 \u0644\u0632\u0648\u0627\u0631 \u0627\u0644\u0645\u0648\u0642\u0639. \ud83d\udc51\n\n\n\ud83d\udc51\u062a\u062d\u0645\u064a\u0644 \u0627\u062f\u0627\u0629\ud83d\udc51\n\ud83d\udc51https://github.com/jokeir07x/RCE.git\ud83d\udc51", "creation_timestamp": "2024-09-04T12:25:12.000000Z"}, {"uuid": "779af759-d070-4780-b8e9-e8d782c3d13e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/LockBitRaasRansomware/14277", "content": "CVE-2024-25600 wordpress Exploit (RCE)\n\n- Hole in Bricks plugin Builder\n\n- requirements:\nalive_progress\nbs4\nprompt_toolkit\nrequests\nrich\n\n\n#RCE #wordpress", "creation_timestamp": "2024-04-02T18:45:42.000000Z"}, {"uuid": "3ae353b3-c11c-4d4a-a7c2-c3e960c0409c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/LeakingCode/12981", "content": "CVEploiter v1.0.0.0\n\nAdvanced software to exploit cve-2024 vulnerabilities.\n\nCVE-2024-25600 - Wordpress - Bricks < Remote Code Execution [RCE]\n\nCVE-2024-1210 -  Wordpress - LearnDash LMS < Sensitive Information Exposure [SIE]\n\nCVE-2024-21644 - pyLoad - Flask Config < Access Control [AC]\n\nCVE-2024-0713 - Monitorr Services Configuration - Spawn Webshell [SW]\n\nEnjoy;", "creation_timestamp": "2024-06-16T15:10:15.000000Z"}, {"uuid": "4f08c2d8-bfe9-473a-bdf3-eb6bdd088e36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/gptxcG5Jvg83wR56zKKTs8fGBMXLE7PNQ-HCnd7IEVmsKx8", "content": "", "creation_timestamp": "2025-04-05T21:00:06.000000Z"}, {"uuid": "5d3271dc-3e23-45ee-9419-f9b9e85069af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/sQCbqznhLKENEy-bIT4Xf2mLEDHHNqQzKWW8VQqo_AcxwBM", "content": "", "creation_timestamp": "2025-04-04T23:00:05.000000Z"}, {"uuid": "8d4ec7b4-0688-4502-a053-33866b31b5ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/aVBd3ldNRLl7Xo5CPtKzp3UErMxRgMRg31wU9VFi81ukDXk", "content": "", "creation_timestamp": "2025-04-04T01:00:08.000000Z"}, {"uuid": "429e1ffe-f742-4c8f-8a2c-bdd8c5890983", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/AY95cmPbDu5Ys6k83NsK0yNyOIktNGra7DpD3Rddj1Ig7Pg", "content": "", "creation_timestamp": "2025-04-03T23:00:06.000000Z"}, {"uuid": "e3261273-b070-46a6-9bea-b3ec243aeea3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/WXq4AiMGOj-NVni8Z2YvL28ZneqpnYqGf2FE9KxKLNELQcU", "content": "", "creation_timestamp": "2025-01-27T04:00:06.000000Z"}, {"uuid": "daabf500-639f-427f-abef-6896aacbbc3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7899", "content": "Tools - Hackers Factory\n\nA Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidden elements and enable disabled elements. \n\nhttps://github.com/xnl-h4ck3r/XnlReveal\n\nBurp Extension to find potential endpoints, parameters, and generate a custom target wordlist \n\nhttps://github.com/xnl-h4ck3r/GAP-Burp-Extension\n\nFinds graphql queries in javascript files \n\nhttps://github.com/xssdoctor/graphqlMaker\n\nApache HugeGraph Server RCE Scanner ( CVE-2024-27348 ) \n\nhttps://github.com/Zeyad-Azima/CVE-2024-27348\n\nUnauthenticated Remote Code Execution \u2013 Bricks <= 1.9.6 \n\nhttps://github.com/Chocapikk/CVE-2024-25600\n\nA good collection with browser exploit CTF challenges. Please feel free to share if there is additional. Thank you all.\n\nhttps://github.com/exd0tpy/CTF-browser-challenges?tab=readme-ov-file\n\nhttps://github.com/m1ghtym0/browser-pwn\n\nhttps://github.com/De4dCr0w/Browser-pwn\n\nOracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability \n\nhttps://github.com/mansk1es/CVE-2024-21111\n\nA Hex Editor for Reverse Engineers, Programmers\n\nhttps://github.com/WerWolv/ImHex\n\nLocal & remote Windows DLL Proxying \n\nhttps://github.com/synacktiv/DLHell\n\n#HackersFactory", "creation_timestamp": "2024-06-05T10:50:14.000000Z"}, {"uuid": "a94ecff8-30df-434a-8f7e-1d16293a35b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/bads_group/70644", "content": "If You Want Private Tools For Good Result DM: Click me\nJoin and Share https://t.me/six5zeroexploit", "creation_timestamp": "2024-12-01T19:17:29.000000Z"}, {"uuid": "f3d0b101-4371-4a46-b58c-50d5ff599800", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3269", "content": "Tools - Hackers Factory\n\nA Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidden elements and enable disabled elements. \n\nhttps://github.com/xnl-h4ck3r/XnlReveal\n\nBurp Extension to find potential endpoints, parameters, and generate a custom target wordlist \n\nhttps://github.com/xnl-h4ck3r/GAP-Burp-Extension\n\nFinds graphql queries in javascript files \n\nhttps://github.com/xssdoctor/graphqlMaker\n\nApache HugeGraph Server RCE Scanner ( CVE-2024-27348 ) \n\nhttps://github.com/Zeyad-Azima/CVE-2024-27348\n\nUnauthenticated Remote Code Execution \u2013 Bricks <= 1.9.6 \n\nhttps://github.com/Chocapikk/CVE-2024-25600\n\nA good collection with browser exploit CTF challenges. Please feel free to share if there is additional. Thank you all.\n\nhttps://github.com/exd0tpy/CTF-browser-challenges?tab=readme-ov-file\n\nhttps://github.com/m1ghtym0/browser-pwn\n\nhttps://github.com/De4dCr0w/Browser-pwn\n\nOracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability \n\nhttps://github.com/mansk1es/CVE-2024-21111\n\nA Hex Editor for Reverse Engineers, Programmers\n\nhttps://github.com/WerWolv/ImHex\n\nLocal & remote Windows DLL Proxying \n\nhttps://github.com/synacktiv/DLHell\n\n#HackersFactory", "creation_timestamp": "2024-06-05T09:36:25.000000Z"}, {"uuid": "b60f36e9-b2de-4ce4-bb40-ec94c130f2b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/v3n0mhack/313", "content": "CVEploiter v1.0.0.0\n\nAdvanced software to exploit cve-2024 vulnerabilities.\n\nCVE-2024-25600 - Wordpress - Bricks < Remote Code Execution [RCE]\n\nCVE-2024-1210 -  Wordpress - LearnDash LMS < Sensitive Information Exposure [SIE]\n\nCVE-2024-21644 - pyLoad - Flask Config < Access Control [AC]\n\nCVE-2024-0713 - Monitorr Services Configuration - Spawn Webshell [SW]", "creation_timestamp": "2024-02-26T20:19:03.000000Z"}, {"uuid": "0e125006-d779-452b-8bc0-1fb9398bdc81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/j3nQxcg175w1tSZU2Quwmt3OOUKFHc80OkHUPi_csyc7ELg", "content": "", "creation_timestamp": "2024-03-28T06:52:05.000000Z"}, {"uuid": "505c63f8-617c-4edb-8389-a6fa1b16c776", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1457", "content": "CVEploiter v1.0.0.0\n\nAdvanced software to exploit cve-2024 vulnerabilities.\n\nCVE-2024-25600 - Wordpress - Bricks < Remote Code Execution [RCE]\n\nCVE-2024-1210 -  Wordpress - LearnDash LMS < Sensitive Information Exposure [SIE]\n\nCVE-2024-21644 - pyLoad - Flask Config < Access Control [AC]\n\nCVE-2024-0713 - Monitorr Services Configuration - Spawn Webshell [SW]\n\nEnjoy;", "creation_timestamp": "2024-09-17T21:29:50.000000Z"}, {"uuid": "cc53f7bf-3e2e-4047-8b27-576e5eb18374", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1444", "content": "CVEploiter v1.0.0.0\n\nAdvanced software to exploit cve-2024 vulnerabilities.\n\nCVE-2024-25600 - Wordpress - Bricks < Remote Code Execution [RCE]\n\nCVE-2024-1210 -  Wordpress - LearnDash LMS < Sensitive Information Exposure [SIE]\n\nCVE-2024-21644 - pyLoad - Flask Config < Access Control [AC]\n\nCVE-2024-0713 - Monitorr Services Configuration - Spawn Webshell [SW]\n\nEnjoy;", "creation_timestamp": "2024-09-17T21:29:51.000000Z"}, {"uuid": "02e50320-564c-4742-8b9a-d53a646aa584", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1397", "content": "CVEploiter v1.0.0.0\n\nAdvanced software to exploit cve-2024 vulnerabilities.\n\nCVE-2024-25600 - Wordpress - Bricks < Remote Code Execution [RCE]\n\nCVE-2024-1210 -  Wordpress - LearnDash LMS < Sensitive Information Exposure [SIE]\n\nCVE-2024-21644 - pyLoad - Flask Config < Access Control [AC]\n\nCVE-2024-0713 - Monitorr Services Configuration - Spawn Webshell [SW]\n\nEnjoy;", "creation_timestamp": "2024-03-19T16:05:55.000000Z"}, {"uuid": "03a3ea2d-f6aa-40fb-8f7b-18dfab3ca1e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/6249", "content": "PoC + Nuclei + Query CVE-2024-25600 Unauth RCE - WordPress Bricks - 1.9.6 CVSS 9.8\n\nQuery Fofa: body=\"/wp-content/themes/bricks/\"\n\nPOC \n\nNuclei\n\n#POC #Wordpress #RCE #CVE\n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2024-02-25T10:49:41.000000Z"}, {"uuid": "e8f3f183-bf4b-4a1c-96e8-0e4e9fdf02b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/leakdataweb/61", "content": "", "creation_timestamp": "2024-10-25T17:36:16.000000Z"}, {"uuid": "eda91dd0-2d35-4bed-ab35-760c18269dd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/DEVIL_La_RSx/370", "content": "CVEploiter v1.0.0.0\n\nAdvanced software to exploit cve-2024 vulnerabilities.\n\nCVE-2024-25600 - Wordpress - Bricks < Remote Code Execution [RCE]\n\nCVE-2024-1210 -  Wordpress - LearnDash LMS < Sensitive Information Exposure [SIE]\n\nCVE-2024-21644 - pyLoad - Flask Config < Access Control [AC]\n\nCVE-2024-0713 - Monitorr Services Configuration - Spawn Webshell [SW]\n\nEnjoy;", "creation_timestamp": "2024-11-20T22:32:26.000000Z"}, {"uuid": "2b99bdd4-db45-400b-8d03-f2e660c16dfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3llf4jdmeu42l", "content": "", "creation_timestamp": "2025-03-27T20:15:48.783921Z"}, {"uuid": "7d57d644-2f6b-49f1-a5e0-20b7ba50d6c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "https://gist.github.com/rastaa44/5cb49c48ef077755b79f8229d25a8a54", "content": "", "creation_timestamp": "2025-04-01T16:35:55.000000Z"}, {"uuid": "2ec2cb96-5c0d-492f-8372-02a14ec16839", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/NinjaSec/28351", "content": "\ud83d\udd27 CVE Exploitation Tools (2024\u20132025)\n\n1. CVE-2024-25600 \u2013 WordPress Bricks Builder RCE\n\n2. CVE-2024-24919 \u2013 Check Point Security Gateway RCE\n\n3. CVE-2024-29025 \u2013 Netty HttpPostRequestDecoder DoS\n\n4. CVE-2024-21525 \u2013 node-twain Buffer Overflow\n\n5. CVE-2024-3094 \u2013 XZ Backdoor Detector\n\n6. CVE-2024-21515 \u2013 OpenCart Reflected XSS\n\n7. CVE-2024-21552 \u2013 SuperAGI Arbitrary Code Execution\n\n8. CVE-2024-56249 \u2013 WordPress WPMasterToolKit Arbitrary File Upload\n\n9. CVE-2024-24919 \u2013 Check Point VPN Exploit\n\n10. CVE-2024-24919 \u2013 Python Exploit Script\n\nPython script to exploit CVE-2024-24919 vulnerability.\n\nGitHub: LucasKatashi/CVE-2024-24919\n\n11. CVE-2024-24919 \u2013 Exploit PoC\n\nProof-of-Concept for exploiting CVE-2024-24919.\n\nGitHub: seed1337/CVE-2024-24919-POC\n\n12. CVE-2024-24919 \u2013 Check Point Remote Access VPN Exploit\n\nScripts to exploit CVE-2024-24919 in Check Point VPNs.\n\nGitHub: Praison001/CVE-2024-24919-Check-Point-Remote-Access-VPN\n\n13. CVE-2024-25600 \u2013 Alternate Exploit Script\n\nAnother implementation to exploit Bricks Builder RCE.\n\nGitHub: meli0dasH4ck3r/cve-2024-25600\n\n14. CVE-2024-25600 \u2013 Exploit Script\n\nPython script to exploit Bricks Builder RCE vulnerability.\n\nGitHub: K3ysTr0K3R/CVE-2024-25600-EXPLOIT \n\n\n\ud83d\udd27 CVE Exploitation Tools & Frameworks\n\n1. trickest/cve\n\n\ud83d\udd17 https://github.com/trickest/cve\n\n2. PayloadsAllTheThings \u2013 CVE Exploits\n\n\ud83d\udd17 https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/CVE%20Exploits/README.md\n\n3. qazbnm456/awesome-cve-poc\n\n\ud83d\udd17 https://github.com/qazbnm456/awesome-cve-poc\n\n4. intel/cve-bin-tool\n\n\ud83d\udd17 https://github.com/intel/cve-bin-tool\n\n5. cve-search/cve-search\nN\n\n\ud83d\udd17 https://github.com/cve-search/cve-search\n\n6. vertoforce/CVE-Enrichment\n\n\ud83d\udd17 https://github.com/vertoforce/CVE-Enrichment\n\n7. TURROKS/CVE_Prioritizer\n\n\ud83d\udd17 https://github.com/TURROKS/CVE_Prioritizer\n\n8. clearlinux/cve-check-tool\n\n\ud83d\udd17 https://github.com/clearlinux/cve-check-tool\n\n9. cddmp/cvecheck\n\n\ud83d\udd17 https://github.com/cddmp/cvecheck\n\n10. center-for-threat-informed-defense/attack_to_cve\n\nMaps MITRE ATT&CK techniques to CVEs to characterize vulnerability impacts.\n\n\ud83d\udd17 https://github.com/center-for-threat-informed-defense/attack_to_cve\n\n\n\ud83e\uddea Specific CVE Exploit Tools\n\n11. CVE-2024-25600 Exploit Tool\n\nDesigned to exploit a vulnerability in the Bricks Builder plugin for WordPress.\n\n\ud83d\udd17 https://github.com/Chocapikk/CVE-2024-25600\n\n12. RevoltSecurities/CVE-2024-24919\n\nTool to detect and exploit CVE-2024-24919 vulnerability.\n\n\ud83d\udd17 https://github.com/RevoltSecurities/CVE-2024-24919\n\n13. ROCA Detection Tool\n\nDetects RSA keys vulnerable to the ROCA vulnerability (CVE-2017-15361).\n\n\ud83d\udd17 https://github.com/crocs-muni/roca\n\n\ud83d\udee0\ufe0f Additional Tools & Resources\n\n14. Goby\n\nA network security assessment tool that can scan for vulnerabilities and map attack surfaces.\n\n\ud83d\udd17 https://github.com/gobysec/Goby\n\n15. awesome-pentestu\n\nA curated list of penetration testing resources, including tools for CVE exploitation.\n\n\ud83d\udd17 https://github.com/enaqx/awesome-pentest\n\n16. awesome-bugbounty-tools\n\nA collection of tools useful for bug bounty hunting, some of which relate to CVE exploitation.\n\n\ud83d\udd17 https://github.com/vavkamil/awesome-bugbounty-tools\n\n17. cyberguideme/Tools\n\nA repository of various cybersecurity tools, including those for exploiting known vulnerabilities.\n\n\ud83d\udd17 https://github.com/cyberguideme/Tools\n\n\n#GrayHats", "creation_timestamp": "2025-04-18T21:33:21.000000Z"}, {"uuid": "ba34723f-6c64-4bae-a59f-974f94151448", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/GhostsForum/21852", "content": "Tools - Hackers Factory\n\nA Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidden elements and enable disabled elements. \n\nhttps://github.com/xnl-h4ck3r/XnlReveal\n\nBurp Extension to find potential endpoints, parameters, and generate a custom target wordlist \n\nhttps://github.com/xnl-h4ck3r/GAP-Burp-Extension\n\nFinds graphql queries in javascript files \n\nhttps://github.com/xssdoctor/graphqlMaker\n\nApache HugeGraph Server RCE Scanner ( CVE-2024-27348 ) \n\nhttps://github.com/Zeyad-Azima/CVE-2024-27348\n\nUnauthenticated Remote Code Execution \u2013 Bricks <= 1.9.6 \n\nhttps://github.com/Chocapikk/CVE-2024-25600\n\nA good collection with browser exploit CTF challenges. Please feel free to share if there is additional. Thank you all.\n\nhttps://github.com/exd0tpy/CTF-browser-challenges?tab=readme-ov-file\n\nhttps://github.com/m1ghtym0/browser-pwn\n\nhttps://github.com/De4dCr0w/Browser-pwn\n\nOracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability \n\nhttps://github.com/mansk1es/CVE-2024-21111\n\nA Hex Editor for Reverse Engineers, Programmers\n\nhttps://github.com/WerWolv/ImHex\n\nLocal & remote Windows DLL Proxying \n\nhttps://github.com/synacktiv/DLHell\n\n#HackersFactory", "creation_timestamp": "2024-06-05T10:50:19.000000Z"}, {"uuid": "9c3c8be8-c88f-45a2-8860-b0a341834c5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/v3n0mhack/324", "content": "CVEploiter v1.0.0.0\n\nAdvanced software to exploit cve-2024 vulnerabilities.\n\nCVE-2024-25600 - Wordpress - Bricks < Remote Code Execution [RCE]\n\nCVE-2024-1210 -  Wordpress - LearnDash LMS < Sensitive Information Exposure [SIE]\n\nCVE-2024-21644 - pyLoad - Flask Config < Access Control [AC]\n\nCVE-2024-0713 - Monitorr Services Configuration - Spawn Webshell [SW]", "creation_timestamp": "2024-03-22T20:01:24.000000Z"}, {"uuid": "312398fb-0992-4bb0-a65b-1e0c66227ea9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/sG1oUXdIpiLv6abwGpHbGev0FpJqEI_-hrlvo-KXW7i1sF2q", "content": "", "creation_timestamp": "2024-11-20T05:23:34.000000Z"}, {"uuid": "e664064b-5258-44c8-988a-789a62c4ef01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/cCwxN8UgYTkEbFUacZx2T1bmefM3jqrfFTsgHJFgePUzn8SH", "content": "", "creation_timestamp": "2024-11-21T06:41:14.000000Z"}, {"uuid": "c6095b84-62d5-4088-9314-c5197e52e17f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1919", "content": "CVE-2024-25600 wordpress Exploit (RCE)\n*\n\u0414\u044b\u0440\u0430 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 Bricks Builder\n*\nrequirements:\nalive_progress\nbs4\nprompt_toolkit\nrequests\nrich\n*\n\n#RCE #wordpress", "creation_timestamp": "2024-02-21T14:58:42.000000Z"}, {"uuid": "fbde39f8-ae47-4a05-a8e4-de9abfd0d503", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "https://t.me/proxy_bar/2572", "content": "CVE-2024-25600 \n*\nWordPress\n*\nBricks Builder <= 1.9.6\n*\nRCE exploit", "creation_timestamp": "2025-03-31T21:43:08.000000Z"}, {"uuid": "c77271d6-a2c5-421c-b076-66c91683601c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6681", "content": "Tools - Hackers Factory\n\nA Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidden elements and enable disabled elements. \n\nhttps://github.com/xnl-h4ck3r/XnlReveal\n\nBurp Extension to find potential endpoints, parameters, and generate a custom target wordlist \n\nhttps://github.com/xnl-h4ck3r/GAP-Burp-Extension\n\nFinds graphql queries in javascript files \n\nhttps://github.com/xssdoctor/graphqlMaker\n\nApache HugeGraph Server RCE Scanner ( CVE-2024-27348 ) \n\nhttps://github.com/Zeyad-Azima/CVE-2024-27348\n\nUnauthenticated Remote Code Execution \u2013 Bricks <= 1.9.6 \n\nhttps://github.com/Chocapikk/CVE-2024-25600\n\nA good collection with browser exploit CTF challenges. Please feel free to share if there is additional. Thank you all.\n\nhttps://github.com/exd0tpy/CTF-browser-challenges?tab=readme-ov-file\n\nhttps://github.com/m1ghtym0/browser-pwn\n\nhttps://github.com/De4dCr0w/Browser-pwn\n\nOracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability \n\nhttps://github.com/mansk1es/CVE-2024-21111\n\nA Hex Editor for Reverse Engineers, Programmers\n\nhttps://github.com/WerWolv/ImHex\n\nLocal & remote Windows DLL Proxying \n\nhttps://github.com/synacktiv/DLHell\n\n#HackersFactory", "creation_timestamp": "2024-06-05T10:50:14.000000Z"}, {"uuid": "e85e09a2-70ff-4214-b5b5-1535efb8fd28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1625", "content": "CVEploiter v1.0.0.0\n\nAdvanced software to exploit cve-2024 vulnerabilities.\n\nCVE-2024-25600 - Wordpress - Bricks < Remote Code Execution [RCE]\n\nCVE-2024-1210 -  Wordpress - LearnDash LMS < Sensitive Information Exposure [SIE]\n\nCVE-2024-21644 - pyLoad - Flask Config < Access Control [AC]\n\nCVE-2024-0713 - Monitorr Services Configuration - Spawn Webshell [SW]\n\nEnjoy;", "creation_timestamp": "2024-11-20T11:01:27.000000Z"}, {"uuid": "f28bd885-6629-4aa7-ae0d-d7c1d2cb2059", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1412", "content": "CVEploiter v1.0.0.0\n\nAdvanced software to exploit cve-2024 vulnerabilities.\n\nCVE-2024-25600 - Wordpress - Bricks < Remote Code Execution [RCE]\n\nCVE-2024-1210 -  Wordpress - LearnDash LMS < Sensitive Information Exposure [SIE]\n\nCVE-2024-21644 - pyLoad - Flask Config < Access Control [AC]\n\nCVE-2024-0713 - Monitorr Services Configuration - Spawn Webshell [SW]\n\nEnjoy;", "creation_timestamp": "2024-05-14T19:38:14.000000Z"}, {"uuid": "718be863-0406-4a01-9385-b7f18cb7acd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/BugCod3/468", "content": "\u203c\ufe0f PoC + Nuclei + Query CVE-2024-25600 Unauth RCE - WordPress Bricks <= 1.9.6 CVSS 9.8 \u203c\ufe0f\n\nQuery Fofa: body=\"/wp-content/themes/bricks/\"\n\n\ud83d\udcde PoC\n\ud83c\udf10 Nuclei Template\n\n#BugBounty #Tips #Nuclei #Template\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\ud83d\udc64 T.me/BugCod3BOT \n\ud83d\udce3 T.me/BugCod3", "creation_timestamp": "2024-02-26T15:45:09.000000Z"}, {"uuid": "10302fe1-dece-499d-b627-fdec94ceb49a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/oxlogs/15", "content": "CVE     : CVE-2024-25600\nExploit : WordPress Bricks Builder Remote Code Execution (RCE)\nCMS     : WordPress\nChannel : https://t.me/oxlogs", "creation_timestamp": "2024-11-21T07:01:14.000000Z"}, {"uuid": "4e9e1487-9e9d-4d7a-872a-c057beb8d7cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/114284644630699455", "content": "", "creation_timestamp": "2025-04-05T09:28:05.905452Z"}, {"uuid": "e5c218ba-7e07-45bd-bcd4-b1e6834626a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/114284644630699455", "content": "", "creation_timestamp": "2025-04-05T09:28:05.930383Z"}, {"uuid": "978b89a0-c86e-4dbe-8f58-20a6be5b2988", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "https://gist.github.com/timsonner/7614e0491a2daa063ccffe8fb9040517", "content": "", "creation_timestamp": "2026-01-02T04:55:33.000000Z"}, {"uuid": "035a371e-ff3d-41c7-a86c-75828531626a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/lq4m-JYIdMsfIAsI3lNQ7LcrQOYDBCp5BuoQk99xpsmGKag", "content": "", "creation_timestamp": "2025-11-28T15:00:07.000000Z"}, {"uuid": "51f67e89-e006-4fc1-8508-628b509a5156", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6647", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aNuclei template and information about the POC for CVE-2024-25600\nURL\uff1ahttps://github.com/Christbowel/CVE-2024-25600_Nuclei-Template\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-21T00:32:44.000000Z"}, {"uuid": "5daa2a4f-bcaf-45c6-8525-21145b5e61b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/32512", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aUnauthenticated RCE exploit for CVE-2024-25600 in WordPress Bricks Builder <= 1.9.6. Executes arbitrary code remotely.\nURL\uff1ahttps://github.com/lukehebe/CVE-2023-27163\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-04-17T17:20:05.000000Z"}, {"uuid": "032f331a-4aec-4f95-a353-790f52fde470", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/27907", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aA PoC exploit for CVE-2024-25600 - WordPress Bricks Builder Remote Code Execution (RCE)(python3)\nURL\uff1ahttps://github.com/so1icitx/CVE-2024-25600\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-03-31T12:11:39.000000Z"}, {"uuid": "b079c016-1bed-49c2-bd64-8398b51a69d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/36144", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aTools for scan CVE-2024-25600 - WordPress Bricks Builder Remote Code Execution (RCE) \nURL\uff1ahttps://github.com/DedsecTeam-BlackHat/Poleposph\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-05-09T12:18:13.000000Z"}, {"uuid": "f4f7de89-4801-4633-8546-586548d0767f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/md_Hk6QH46OWDs_zz0srgZSRWxrlvYwx0nk0pgAZpXJFxL8", "content": "", "creation_timestamp": "2024-04-02T18:45:41.000000Z"}, {"uuid": "5e5c67a9-4e60-45b2-a7c8-82f3513025e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/Z-2zGl0Njhuwzxw5icL17ss507Rib7WfUL6vCmrla8KB_ro", "content": "", "creation_timestamp": "2024-04-02T08:30:04.000000Z"}, {"uuid": "6d9b6136-ca8c-4f54-b31b-97e2d886d5b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/CRYGt9btFsXp8aGRYMcN1d0utWmlG6QhbkgUm2PcK5p4q_M", "content": "", "creation_timestamp": "2024-04-02T00:58:32.000000Z"}, {"uuid": "7edf88de-9b53-4834-bed0-0c4365a0f2a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/GE8e7oh4QCjMoMuP_Gz-zKy2psEALqroPtSq8qt8H59yha4", "content": "", "creation_timestamp": "2024-04-02T08:29:37.000000Z"}, {"uuid": "3e75c1be-75f5-4da3-a084-b1e256947500", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/LeakingCode/42136", "content": "CVEploiter v1.0.0.0\n\nAdvanced software to exploit cve-2024 vulnerabilities.\n\nCVE-2024-25600 - Wordpress - Bricks < Remote Code Execution [RCE]\n\nCVE-2024-1210 -  Wordpress - LearnDash LMS < Sensitive Information Exposure [SIE]\n\nCVE-2024-21644 - pyLoad - Flask Config < Access Control [AC]\n\nCVE-2024-0713 - Monitorr Services Configuration - Spawn Webshell [SW]\n\nEnjoy;", "creation_timestamp": "2024-06-16T15:10:16.000000Z"}, {"uuid": "b998176c-8ab6-4ecf-8809-a3f448c2684b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/5wtuBUawfmBgpqWWV5EHlsYg0fOU3PzyjHe2qzgYk5w-", "content": "", "creation_timestamp": "2024-06-14T14:38:05.000000Z"}, {"uuid": "0107688e-2b48-488b-99b4-3d3b46821e1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/AGENTZSECURITY/1122", "content": "CVEploiter v1.0.0.0\n\nAdvanced software to exploit cve-2024 vulnerabilities.\n\nCVE-2024-25600 - Wordpress - Bricks < Remote Code Execution [RCE]\n\nCVE-2024-1210 -  Wordpress - LearnDash LMS < Sensitive Information Exposure [SIE]\n\nCVE-2024-21644 - pyLoad - Flask Config < Access Control [AC]\n\nCVE-2024-0713 - Monitorr Services Configuration - Spawn Webshell [SW]\n\nEnjoy;", "creation_timestamp": "2025-03-05T14:04:07.000000Z"}, {"uuid": "93a727ff-2d7d-4a4d-bcd4-d02c29a05fac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "exploited", "source": "Telegram/kHlRC3SWOIV4elFoTwQttUfL6OQGeloDKaQFUppAUyJ5Ww", "content": "", "creation_timestamp": "2024-02-20T10:44:45.000000Z"}, {"uuid": "94c3e62c-e8b6-4c77-adb6-d263dffc92dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/LockBitRaasRansomware/14154", "content": "CVE-2024-25600 wordpress Exploit (RCE)\n\n- Hole in Bricks plugin Builder\n\n- requirements:\nalive_progress\nbs4\nprompt_toolkit\nrequests\nrich\n\n\n#RCE #wordpress", "creation_timestamp": "2024-04-02T08:30:05.000000Z"}, {"uuid": "acac4885-fd39-4b5c-b389-4918f5b8e02b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "exploited", "source": "https://t.me/KomunitiSiber/1514", "content": "WordPress Bricks Theme Under Active Attack: Critical Flaw Impacts 25,000+ Sites\nhttps://thehackernews.com/2024/02/wordpress-bricks-theme-under-active.html\n\nA critical security flaw in the Bricks theme for WordPress is being actively exploited by threat actors to run arbitrary PHP code on susceptible installations.\nThe flaw, tracked as CVE-2024-25600 (CVSS score: 9.8), enables unauthenticated attackers to achieve remote code execution. It impacts all versions of the Bricks up to and including 1.9.6.\nIt has been addressed by the theme developers in&", "creation_timestamp": "2024-02-20T11:00:52.000000Z"}, {"uuid": "588d67a2-9e3e-4662-a109-bf7284dd47e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/mdXOdpecd3YI3AgX0TS0pDTAKq9R7rqKGN3qwqhQ8UcEmno", "content": "", "creation_timestamp": "2025-03-31T21:00:08.000000Z"}, {"uuid": "103cbad0-a6a6-484e-b75e-cbf4267145bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/p089QZHHyAEAyqoURuBtATbEGDHKoGDRX8831A0QvWsHGag", "content": "", "creation_timestamp": "2025-04-10T05:00:06.000000Z"}, {"uuid": "ad6fbb34-9d68-4d29-88d6-690c2aaa00c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "Telegram/Q4_30c0cLN7tDrV-0ikff1vSbLor74SgOPd5XzI6s8FsKrI", "content": "", "creation_timestamp": "2024-10-13T18:46:51.000000Z"}, {"uuid": "80d564b3-0b7a-4ead-8ee8-28d015acb469", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/mad_hackers_community/435", "content": "If You Want Private Tools For Good Result DM: Click me\nJoin and Share https://t.me/six5zeroexploit", "creation_timestamp": "2024-12-01T19:18:06.000000Z"}, {"uuid": "a5d40c60-d769-4fbc-a214-9b678fe301f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1404", "content": "CVEploiter v1.0.0.0\n\nAdvanced software to exploit cve-2024 vulnerabilities.\n\nCVE-2024-25600 - Wordpress - Bricks < Remote Code Execution [RCE]\n\nCVE-2024-1210 -  Wordpress - LearnDash LMS < Sensitive Information Exposure [SIE]\n\nCVE-2024-21644 - pyLoad - Flask Config < Access Control [AC]\n\nCVE-2024-0713 - Monitorr Services Configuration - Spawn Webshell [SW]\n\nEnjoy;", "creation_timestamp": "2024-04-03T19:16:45.000000Z"}, {"uuid": "a0cb97d6-4fa4-45e1-8c96-0ce4b6c6b821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1425", "content": "CVEploiter v1.0.0.0\n\nAdvanced software to exploit cve-2024 vulnerabilities.\n\nCVE-2024-25600 - Wordpress - Bricks < Remote Code Execution [RCE]\n\nCVE-2024-1210 -  Wordpress - LearnDash LMS < Sensitive Information Exposure [SIE]\n\nCVE-2024-21644 - pyLoad - Flask Config < Access Control [AC]\n\nCVE-2024-0713 - Monitorr Services Configuration - Spawn Webshell [SW]\n\nEnjoy;", "creation_timestamp": "2024-04-27T16:50:04.000000Z"}, {"uuid": "4cf97cc9-cb73-4c11-8e03-2e6869635343", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1380", "content": "CVEploiter v1.0.0.0\n\nAdvanced software to exploit cve-2024 vulnerabilities.\n\nCVE-2024-25600 - Wordpress - Bricks < Remote Code Execution [RCE]\n\nCVE-2024-1210 -  Wordpress - LearnDash LMS < Sensitive Information Exposure [SIE]\n\nCVE-2024-21644 - pyLoad - Flask Config < Access Control [AC]\n\nCVE-2024-0713 - Monitorr Services Configuration - Spawn Webshell [SW]\n\nEnjoy;", "creation_timestamp": "2024-02-23T22:03:27.000000Z"}, {"uuid": "6dc39dfa-bc4e-4a7d-8f99-d28a6ca85aa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "exploited", "source": "https://t.me/MrVGunz/1213", "content": "\ud83d\udccd \u0647\u0634\u062f\u0627\u0631: \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 \u0627\u0641\u0632\u0648\u0646\u0647 \u0628\u0631\u06cc\u06a9\u0633 \u0628\u06cc\u0644\u062f\u0631 \u0648\u0631\u062f\u067e\u0631\u0633\n\n\u062f\u0631 \u062a\u0627\u0632\u0647\u200c\u062a\u0631\u06cc\u0646 \u06af\u0632\u0627\u0631\u0634\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc\u060c \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 \u0627\u0641\u0632\u0648\u0646\u0647 \u0628\u0631\u06cc\u06a9\u0633 \u0628\u06cc\u0644\u062f\u0631 \u0648\u0631\u062f\u067e\u0631\u0633 (CVE-2024-25600) \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062c\u0627\u0632\u0647 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (RCE) \u0631\u0627 \u0645\u06cc\u200c\u062f\u0647\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0646\u0645\u0631\u0647 \u062e\u0637\u0631 9.8 \u062f\u0631 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc 1.9.6 \u0648 \u067e\u0627\u06cc\u06cc\u0646\u200c\u062a\u0631 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f \u0648 \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0646\u06cc\u0627\u0632 \u0646\u062f\u0627\u0634\u062a\u0646 \u0628\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u06cc \u062e\u0627\u0635\u060c \u0628\u0633\u06cc\u0627\u0631 \u062e\u0637\u0631\u0646\u0627\u06a9 \u0627\u0633\u062a. \u0633\u0627\u0632\u0645\u0627\u0646 WordFence \u0627\u0639\u0644\u0627\u0645 \u06a9\u0631\u062f\u0647 \u06a9\u0647 \u0637\u06cc 24 \u0633\u0627\u0639\u062a \u06af\u0630\u0634\u062a\u0647\u060c \u0686\u0646\u062f\u06cc\u0646 \u062a\u0644\u0627\u0634 \u0628\u0631\u0627\u06cc \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0631\u0627 \u0645\u0633\u062f\u0648\u062f \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062a\u0648\u0635\u06cc\u0647 \u0634\u062f\u0647:\n\u0645\u0631\u06a9\u0632 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0628\u0644\u0698\u06cc\u06a9 (CCB) \u062a\u0627\u06a9\u06cc\u062f \u06a9\u0631\u062f\u0647 \u06a9\u0647 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0627\u06cc\u062f \u0628\u0627 \u0627\u0648\u0644\u0648\u06cc\u062a \u0628\u0627\u0644\u0627 \u0646\u0635\u0628 \u0634\u0648\u0646\u062f. \u0647\u0645\u0686\u0646\u06cc\u0646\u060c \u0633\u0627\u0632\u0645\u0627\u0646\u200c\u0647\u0627 \u0628\u0627\u06cc\u062f \u0642\u0627\u0628\u0644\u06cc\u062a\u200c\u0647\u0627\u06cc \u0646\u0638\u0627\u0631\u062a \u0648 \u062a\u0634\u062e\u06cc\u0635 \u062e\u0648\u062f \u0631\u0627 \u0628\u0631\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0641\u0639\u0627\u0644\u06cc\u062a\u200c\u0647\u0627\u06cc \u0645\u0634\u06a9\u0648\u06a9 \u0627\u0631\u062a\u0642\u0627 \u062f\u0647\u0646\u062f \u062a\u0627 \u062f\u0631 \u0635\u0648\u0631\u062a \u0648\u0642\u0648\u0639 \u0646\u0641\u0648\u0630\u060c \u0628\u062a\u0648\u0627\u0646\u0646\u062f \u0628\u0647 \u0633\u0631\u0639\u062a \u0648\u0627\u06a9\u0646\u0634 \u0646\u0634\u0627\u0646 \u062f\u0647\u0646\u062f. \u0647\u0645\u0686\u0646\u06cc\u0646 \u0627\u0645\u06a9\u0627\u0646 \u06af\u0632\u0627\u0631\u0634 \u062f\u0627\u062f\u0646 \u062d\u0627\u062f\u062b\u0647 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0648\u0628\u200c\u0633\u0627\u06cc\u062a CCB \u0641\u0631\u0627\u0647\u0645 \u0627\u0633\u062a.\n\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\n\ud83d\udd3a https://cert.be/en/advisory/warning-critical-vulnerability-affects-wordpress-bricks-builder\n\n\ud83d\udccd Warning: Critical Vulnerability in WordPress Bricks Builder Plugin\n\nRecent security reports have identified a critical vulnerability in the WordPress Bricks Builder plugin (CVE-2024-25600) that allows attackers to execute remote code (RCE). This vulnerability, with a severity score of 9.8, exists in versions 1.9.6 and earlier and is particularly dangerous because it does not require specific user access privileges. WordFence has reported blocking several exploitation attempts of this vulnerability within the last 24 hours.\n\nRecommended Actions:\nThe Belgian Cyber Security Centre (CCB) emphasizes that security updates should be installed as a high priority. Additionally, organizations should enhance their monitoring and detection capabilities to identify suspicious activities promptly and respond quickly in case of a breach. Incident reporting through the CCB website is also available.\n\n\ud83d\udd17 For further reading, please visit: \n\n\ud83d\udd3a https://cert.be/en/advisory/warning-critical-vulnerability-affects-wordpress-bricks-builder", "creation_timestamp": "2024-07-22T17:33:56.000000Z"}, {"uuid": "50513c5b-8a55-41aa-bd93-1351c8110670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "https://t.me/ctinow/191312", "content": "https://ift.tt/v1yCfgb\nImperva successfully defends against CVE-2024-25600 in WordPress Bricks Builder", "creation_timestamp": "2024-02-23T00:31:58.000000Z"}, {"uuid": "4867445f-4459-4483-a0ef-8adc707f3266", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "https://t.me/ctinow/189616", "content": "https://ift.tt/3jyKtYA\nCVE-2024-25600 Exploit", "creation_timestamp": "2024-02-21T14:16:31.000000Z"}, {"uuid": "9b3932a6-f243-404d-95e2-8c7af646483f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "exploited", "source": "https://t.me/thehackernews/4571", "content": "\u26a0\ufe0f Critical security flaw (CVE-2024-25600) in Bricks theme for WordPress (used by 25,000+ sites) is being exploited by attackers to run malicious PHP code on vulnerable installations. \n \nLearn more: https://thehackernews.com/2024/02/wordpress-bricks-theme-under-active.html", "creation_timestamp": "2024-02-20T10:17:30.000000Z"}, {"uuid": "8b818b5a-0049-4908-9f12-27eb86cc3bec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "https://t.me/thehackernews/6584", "content": "\ud83d\udea8 Hackers are abusing WordPress mu-plugins\u2014a hidden auto-run directory\u2014to inject malware, hijack links, and redirect users to scam sites.\n\nAlso, add these to the list of 2024's major WordPress threats:\nCVE-2024-27956 | SQL injection\nCVE-2024-25600 | RCE in Bricks theme\nCVE-2024-8353 | PHP injection\nCVE-2024-4345 | Arbitrary file upload\n\nIf you run a WordPress site, check your mu-plugins folder NOW.\n\n\ud83d\udee1\ufe0f Full story: https://thehackernews.com/2025/03/hackers-exploit-wordpress-mu-plugins-to.html", "creation_timestamp": "2025-03-31T14:10:26.000000Z"}, {"uuid": "8ea5d54f-b1f0-4bba-8422-54e0750ccd13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2004", "content": "https://github.com/Chocapikk/CVE-2024-25600\n\nUnauthenticated Remote Code Execution \u2013 Bricks <= 1.9.6\n\n#github #exploit", "creation_timestamp": "2024-02-21T10:02:27.000000Z"}, {"uuid": "50e01c5a-ccc0-429a-978f-644a28e0b771", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10016", "content": "#exploit\n1. CVE-2024-25600:\nBricks <=1.9.6 - Unauthenticated RCE\nhttps://github.com/Chocapikk/CVE-2024-25600\n\n2. CVE-2023-52251:\nKafka UI 0.7.1 - Command Injection\nhttps://packetstormsecurity.com/files/177214/Kafka-UI-0.7.1-Command-Injection.html\n\n3. Additional exploits for XSS in Cisco ASA devices (CVE-2020-3580)\nhttps://github.com/imhunterand/CVE-2020-3580", "creation_timestamp": "2024-02-23T00:05:33.000000Z"}, {"uuid": "82913eb8-b169-4770-bde3-46bc6e6401a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "d9be873b-1a35-49ca-865e-135f0efe7cf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "https://bsky.app/profile/youranonriots.bsky.social/post/3llpczs22js2s", "content": "", "creation_timestamp": "2025-03-31T21:38:56.721560Z"}, {"uuid": "951f3312-8114-4f25-9658-d9bd0b22c4a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "https://bsky.app/profile/youranonriots.bsky.social/post/3llpcztm5322s", "content": "", "creation_timestamp": "2025-03-31T21:38:57.430247Z"}, {"uuid": "9456b210-902e-43ef-bbd1-afcf65c4dee8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:01.000000Z"}, {"uuid": "238f80b1-0598-4b62-8b8a-82bb1451fd8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-25600", "type": "seen", "source": "https://gist.github.com/rastaa44/a58f11fdfbe14944c9f1000ea9744a5e", "content": "", "creation_timestamp": "2025-04-01T16:34:43.000000Z"}]}