10 matches found
📄 WordPress SureTriggers 1.0.78 Authentication Bypass
WordPress SureTriggers plugin versions 1.0.78 and below expose an unauthenticated REST endpoint that allows construction of a user creation payload. This proof of concept demonstrates structure and logic only. No admin account is created, no plugin uploaded...
Exploit for CVE-2025-3102
CVE-2025-3102 🛠️ SureTriggers Exploit Script Script ini diguna...
Exploit for CVE-2025-3102
🔐 CVE-2025-3102 – Authentication Bypass in SureTriggers WordPr...
Exploit for CVE-2025-3102
Vanda CVE-2025-3102 💣 Exploit com interface gráfica para a vuln...
Exploit for CVE-2025-3102
Vanda CVE-2025-3102 💣 Exploit com interface gráfica para a vuln...
OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation
A newly disclosed high-severity security flaw impacting OttoKit formerly SureTriggers has come under active exploitation within a few hours of public disclosure. The vulnerability, tracked as CVE-2025-3102 CVSS score: 8.1, is an authorization bypass bug that could permit an attacker to create...
CVE-2025-3102
creationtimestamp| type| source ---|---|--- 2025-04-10 04:49:04+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11192 2025-04-10 07:30:19+00:00| seen| Telegram/TrTtZDlxpbFpk8M-zmc8aWcsEx5X5eIera1FkEN864Om4qg 2025-04-10 07:48:31+00:00| seen|...
CVE-2025-3102 SureTriggers <= 1.0.78 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Administrative User Creation
The SureTriggers: All-in-One Automation Platform plugin for WordPress is vulnerable to an authentication bypass leading to administrative account creation due to a missing empty value check on the 'secretkey' value in the 'autheticateuser' function in all versions up to, and including, 1.0.78. Th...
CVE-2025-3102
CVE-2025-3102 — SureTriggers WordPress plugin (≤ 1.0.78) vulnerable to authentication bypass that allows unauthenticated creation of administrator accounts via the plugin’s REST API when the API key is not configured. Evidence across sources shows a missing empty value check on the secret_key in ...
WordPress SureTriggers plugin <= 1.0.78 - Authorization Bypass vulnerability
Authorization Bypass vulnerability discovered by mikemyers in WordPress Plugin OttoKit versions = 1.0.78...