Share
## https://sploitus.com/exploit?id=6D3C985E-FA61-5BAA-A3F8-338736625ABB
# CVE-2025-68860
WordPress Mobile builder Plugin <= 1.4.2 is vulnerable to a high priority Broken Authentication

# ๐Ÿšจ WordPress Mobile builder Plugin  **Authentication Bypass Using an Alternate Path or Channel** vulnerability in Mobile Builder allows Authentication Abuse. This issue affects Mobile builder from n/a through 1.4.2.

- **CVSS Score:** 9.8 CRITICAL  
- **Vector:** AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A remote attacker can craft a valid authentication token and gain administrator access without any prior interaction or credentials, leading to full compromise of the WordPress installation.

---

## โš™๏ธ Script Description

**CVE-2025-68860.py** is a fully automated exploit for the WordPress Mobile builder  This script is provided for educational and authorized testing purposes only.  
> **Do not use it against systems you do not own or have explicit, legal authorization to test.**  
> Any misuse may be illegal and is solely the userโ€™s responsibility.

---

**By:** Nxploited (Khaled Alenazi)  
**Telegram:** [@KNxploited](https://t.me/KNxploited)  
**GitHub:** [https://github.com/Nxploited](https://github.com/Nxploited)