## https://sploitus.com/exploit?id=0D182D4B-D9B1-5CA4-8036-DD0DB1BC588E
```
โโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโ โโโโโโโโโโ โโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโ
โโโโโโ โโโโโโโโโโโโโโโโโ โโโโโโ โโโโโโ โโโโโโโโโโโ
โโโโโโ โโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโ โโโโโโโโโโโ
โโโ โโโ โโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโ
โโโ โโโ โโโโโโโโโโโโโโโโโ โโโโโโโโโโโโ โโโโโโโโ
```
```
โโโโโโโโโโโ โโโโโโโโโโ โโโ โโโโโโโ โโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโ
โโโโโโ โโโโโโ โโโโโโโโโโโ โโโ โโโโโโ โโโ
โโโโโโ โโโโโโ โโโโโโโ โโโ โโโ โโโโโโ โโโ
โโโโโโโโโโโโ โโโโโโ โโโโโโโโโโโโโโโโโโโโ โโโ
โโโโโโโโโโโ โโโโโโ โโโโโโโโ โโโโโโโ โโโ โโโ
```
# ๐ก๏ธ FriendsExploit โ CVE-2026-3891
### `Pix for WooCommerce
---
## ๐ Description
> โก This tool exploits **CVE-2026-3891**, a critical **unauthenticated arbitrary file upload** vulnerability found in the **Pix for WooCommerce** WordPress plugin (versions โค 1.5.0).
An unauthenticated attacker can upload arbitrary files (e.g., PHP web shells) to the target server **without any authentication**, leading to **Remote Code Execution (RCE)**.
> โ ๏ธ **DISCLAIMER**
>
> This tool is intended for **authorized penetration testing and educational purposes only**.
> Do not use this tool against systems you do not own or have explicit written permission to test.
> **Unauthorized use is illegal.**
---
## ๐ CVE Details
๐ CVE ID
CVE-2026-3891
๐ Plugin
Pix for WooCommerce
๐ฏ Affected
Versions โค 1.5.0
๐ Type
Unauthenticated Arbitrary File Upload
๐ฅ Impact
Remote Code Execution (RCE)
โ ๏ธ CVSS
Critical
---
## โ๏ธ Requirements
| Requirement | Version | Notes |
|--------------------|---------------|------------------------------|
| ๐ Python | 3.8+ | Required |
| ๐ฅ๏ธ Kali Linux | Any version | Recommended |
| ๐ฆ PyQt5 | โฅ 5.15.9 | GUI framework |
| ๐ requests | โฅ 2.31.0 | HTTP library |
| ๐ urllib3 | โฅ 2.2.0 | URL handling |
---
## ๐ฅ Installation
```bash
# ๐ Clone or download the tool
cd "CVE-2026-3891-Linux"
# ๐ Create a virtual environment
python3 -m venv venv
# โถ๏ธ Activate the virtual environment
source venv/bin/activate
# ๐ฆ Install dependencies
pip install -r requirements.txt
```
---
## ๐ Quick Start
### Method 1 โ Auto Launcher (Recommended)
```bash
chmod +x run.sh
./run.sh
```
> `run.sh` will automatically check Python3, create venv, install dependencies, verify PyArmor, and launch the tool.
### Method 2 โ Manual Run
```bash
source venv/bin/activate
python3 CVE-2026-3891.py
```
### Method 3 โ Run with English Translation
```bash
source venv/bin/activate
python3 patch_runner.py
```
---
## ๐ฑ๏ธ GUI Instructions
#
Step
Description
1
๐ฏ Targets
Enter target URL(s) comma-separated or browse to a .txt file
2
๐ Shell File (.php)
Enter the PHP shell filename (default: shell.php)
3
๐ Output File
Specify output file for successful shells (default: shells.txt)
4
๐งต Threads
Set number of concurrent threads (max: 50)
5
โถ๏ธ Start Exploit
Click to begin the exploitation process
6
โน๏ธ Stop
Click to halt execution at any time
7
๐งน Clear Log
Click to clear the output log
---
## ๐ File Structure
```
CVE-2026-3891-Linux/
โโโ ๐ CVE-2026-3891.py # Main exploit script (PyArmor encrypted)
โโโ ๐ pyarmor_runtime_000000/ # PyArmor runtime (required)
โโโ ๐ patch_runner.py # Translation wrapper (Indonesian โ English)
โโโ ๐งช patch_test.py # Alternative translation via Qt hooks
โโโ ๐ run.sh # Auto launcher (recommended)
โโโ ๐ requirements.txt # Python dependencies
โโโ ๐ venv/ # Virtual environment (auto-created)
โโโ ๐ README.md # This file
```
> โ ๏ธ **Important:** The `pyarmor_runtime_000000/` folder must always be in the same directory as `CVE-2026-3891.py`. **Do not move or delete it.**
---
## ๐ Translation Layer
The main exploit (`CVE-2026-3891.py`) has Indonesian UI strings. Two translation wrappers are included:
| File | Method | Status |
|------|--------|--------|
| `patch_runner.py` | Scans widgets every 500ms and replaces text | โ Recommended |
| `patch_test.py` | Hooks Qt `setText`/`setPlaceholderText` methods | ๐งช Testing |
Both translate Indonesian labels and placeholders to English before display.
---
## ๐ Notes
- ๐ Results are saved to `shells.txt` by default.
- ๐ Make sure your PHP shell file (`shell.php`) is placed in the same directory before running.
- ๐ฅ๏ธ On Kali Linux, always use a virtual environment to avoid system Python conflicts.
- ๐ The main exploit script is **PyArmor protected** โ source code is encrypted.
---
## ๐จโ๐ป Developer & Collaboration
WILLY JR. CARNASA GAILO
๐ฌ Security Researcher
๐ป Developer & Exploit Author
> ๐ก *"Building tools for authorized security research and responsible disclosure."*
---
## ๐ Acknowledgments
> ๐ฏ Sa lahat ng **bug bounty hunters** at **security researchers** na nagpo-propose ng responsible disclosure โ kayo ang dahilan kung bakit nag-i-improve ang security ng mga web applications.
>
> ๐ Kung may naitulong itong tool sa iyong **authorized penetration testing**, please consider giving back sa open-source security community.
---
### ๐ Legal Notice
```
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โ
โ This tool is for AUTHORIZED penetration testing only. โ
โ Always follow responsible disclosure practices. โ
โ Unauthorized use is ILLEGAL and may result in prosecution. โ
โ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
```
---
### ๐ Repository Stats

---
**ยฉ 2026 FriendsExploit | Developed by Willy Jr. Carnasa Gailo**
Made with ๐ก๏ธ for the security community