Exploit for Double Free in Microsoft

CVE-2...

filecoin-audit-kit

Filecoin Security Devnet Spin up a local Filecoin network for...

Offensive-Security-KnowledgeBase

Offensive-Security-KnowledgeBase Str...

Exploit for SQL Injection in Mjdm Majordomo

CVE-2026-27179 Proof of Concept Academic & Defensive Resea...

Kernel-Exploit

No d...

Exploit for Heap-based Buffer Overflow in Netapp Bootstrap_Os

No d...

Exploit for Incorrect Authorization in Suse Pam-Config

CVE-2025-6018 + CVE-2025-6019 Privilege Escalation Guide 中文...

Cyber-Guide

!Typing SVGhttps://readme-typing-svg.herokuapp.com?font=Fira...

Exploit for Improper Encoding or Escaping of Output in Parall Jspdf

CVE-2026-25940 jsPDF PoC A proof-of-concept for CVE-2026-2594...

📄 WordPress MPMF Plugin 1.0.2 Shell Upload

This Metasploit module exploits an unauthenticated file upload vulnerability in WordPress Multi‑Purpose Multi‑Form MPMF plugin version 1.0.2. By abusing a vulnerable AJAX action exposed via admin-ajax.php, an attacker can upload a crafted PHP file and trigger its execution to obtain remote code...

📄 WordPress Elementor 3.18.1 Shell Upload

Proof of concept exploit for WordPress Elementor plugin version 3.18.1 that demonstrates a remote shell upload vulnerability. ============================================================================================================================================= | Title : WordPress Elementor...

📄 MajorDoMo Supply Chain Remote Code Execution

This Metasploit module exploits an unauthenticated remote code execution vulnerability in MajorDoMo's saverestore module via supply chain poisoning. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require...

📄 WordPress Really Simple Security 9.1.1.1 Authentication Bypass

This Metasploit module exploits an authentication bypass vulnerability in the WordPress Really Simple SSL plugin versions 9.1.1.1 and below. The vulnerability exists in the skiponboarding REST API endpoint. When exploited, the module allows unauthenticated attackers to gain full administrator...

📄 WordPress King Addons for Elementor 51.1.14 Privilege Escalation

Proof of concept for a WordPress King Addons for Elementor plugin versions 24.12.92 through 51.1.14 unauthenticated privilege escalation vulnerability. ============================================================================================================================================= |...

📄 WordPress Project Notebooks 1.1.4 Remote Code Execution

Proof of concept exploit for the WordPress Project Notebooks plugin version 1.1.4 remote code execution vulnerability that allows for privilege escalation through improper validation of AJAX actions and nonce exposure...

📄 WordPress Backup Migration 1.3.7 Database Disclosure

WordPress Backup Migration plugin version 1.3.7 allows unauthenticated users to access sensitive backup files, potentially exposing the full database and website content. An attacker can retrieve backup archives without authentication...

📄 MajorDoMo Console Eval Unauthenticated Remote Code Execution

This Metasploit module exploits an unauthenticated remote code execution vulnerability in MajorDoMo, an open-source home automation platform. The admin panels PHP console is accessible without authentication due to a missing exit after redirect in modules/panel.class.php. The redirect"/" call...

📄 WordPress PDF Generator Addon for Elementor Page Builder 1.75 Traversal

Proof of concept exploit for a WordPress PDF Generator Addon for Elementor Page Builder plugin version 1.75 unauthenticated arbitrary file download vulnerability that leverages a path traversal...

📄 FreeRDP Integer Overflow

A vulnerability in FreeRDP prior to version 3.23.0 allows an attacker to trigger an endless blocking loop due to an integer overflow in the StreamEnsureCapacity function. The issue occurs when a requested buffer size approaches or exceeds half of SIZEMAX on 32-bit systems. During capacity...

📄 WordPress File Away 3.9.9.0.1 Arbitrary File Read

Proof of concept exploit for a WordPress File Away plugin version 3.9.9.0.1 arbitrary file read vulnerability. ============================================================================================================================================= | Title : WordPress File Away Plugin =...