
9 matches found

Packet Storm
added 2026/02/19 12:0 a.m. | 121 views

WordPress StoryChief 1.0.42 Shell Upload

This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in the StoryChief WordPress plugin less than or equal to 1.0.42. The plugin exposes a webhook endpoint at /wp-json/storychief/webhook which accepts a forged HMAC. Because the plugin uses an empty secret for HMA...

CVSS 9.8 | AI score 6.4 | EPSS 0.78942
Exploits: 8
GithubExploit
added 2025/10/14 8:16 a.m. | 322 views

Exploit for CVE-2025-7441

CVE-2025-7441 StoryChief - 1.0.42 - Unauthenticated Arbitrary...

CVSS 9.8 | AI score 7.7 | EPSS 0.78942
Exploits: 8
RedhatCVE
added 2025/08/18 4:31 a.m. | 9 views

CVE-2025-7441

The StoryChief plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 1.0.42. This vulnerability occurs through the /wp-json/storychief/webhook REST-API endpoint that does not have sufficient filetype validation. This makes it possible for unauthenticat...

CVSS 9.8 | AI score 8.3 | EPSS 0.78942
Exploits: 8 | References: 1
NVD
added 2025/08/16 4:16 a.m. | 12 views

CVE-2025-7441

The StoryChief plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 1.0.42. This vulnerability occurs through the /wp-json/storychief/webhook REST-API endpoint that does not have sufficient filetype validation. This makes it possible for unauthenticat...

CVSS 9.8 | EPSS 0.78942
Exploits: 8 | References: 3
CVE
added 2025/08/16 3:38 a.m. | 52 views

CVE-2025-7441

The CVE-2025-7441 issue affects WordPress StoryChief/plugin versions up to 1.0.42. It centers on an unauthenticated, arbitrary file upload via the /wp-json/storychief/webhook endpoint, which lacks sufficient file-type validation, enabling an attacker to store attacker-controlled content (e.g., PH...

CVSS 9.8 | AI score 8.1 | EPSS 0.78942
In wild | Exploits: 8 | References: 3
Cvelist
added 2025/08/16 3:38 a.m. | 14 views

CVE-2025-7441 StoryChief <= 1.0.42 - Unauthenticated Arbitrary File Upload

The StoryChief plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 1.0.42. This vulnerability occurs through the /wp-json/storychief/webhook REST-API endpoint that does not have sufficient filetype validation. This makes it possible for unauthenticat...

CVSS 9.8 | EPSS 0.78942
Exploits: 8 | References: 3
Positive Technologies
added 2025/08/16 12:0 a.m. | 8 views

PT-2025-33527

Name of the Vulnerable Software and Affected Versions: StoryChief plugin for WordPress versions up to and including 1.0.42
Description: The StoryChief plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient filetype validation. This occurs through the...

CVSS 9.8 | AI score 5.9 | EPSS 0.78942
Exploits: 8 | References: 11
Patchstack
added 2025/08/15 11:28 p.m. | 10 views

WordPress StoryChief plugin <= 1.0.42 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by mikemyers in WordPress Plugin StoryChief versions <= 1.0.42...

CVSS 9.8 | AI score 6.7 | EPSS 0.78942
Exploits: 8 | References: 1 | Affected Software: 1
WPVulnDB
added 2021/08/02 12:0 a.m. | 13 views

StoryChief < 1.0.31 - Authenticated Stored Cross-Site Scripting (XSS)

The plugin does not sanitise and escape its StoryChief Key setting before outputting it in an attribute, leading to an Authenticated Stored Cross-Site Scripting issue. PoC: Put the following payload in the StoryChief Key setting and save them: "...

AI score 2.1
Exploits: 0 | Affected Software: 1