## https://sploitus.com/exploit?id=6D3C985E-FA61-5BAA-A3F8-338736625ABB
# CVE-2025-68860
WordPress Mobile builder Plugin <= 1.4.2 is vulnerable to a high priority Broken Authentication
# ๐จ WordPress Mobile builder Plugin **Authentication Bypass Using an Alternate Path or Channel** vulnerability in Mobile Builder allows Authentication Abuse. This issue affects Mobile builder from n/a through 1.4.2.
- **CVSS Score:** 9.8 CRITICAL
- **Vector:** AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
A remote attacker can craft a valid authentication token and gain administrator access without any prior interaction or credentials, leading to full compromise of the WordPress installation.
---
## โ๏ธ Script Description
**CVE-2025-68860.py** is a fully automated exploit for the WordPress Mobile builder This script is provided for educational and authorized testing purposes only.
> **Do not use it against systems you do not own or have explicit, legal authorization to test.**
> Any misuse may be illegal and is solely the userโs responsibility.
---
**By:** Nxploited (Khaled Alenazi)
**Telegram:** [@KNxploited](https://t.me/KNxploited)
**GitHub:** [https://github.com/Nxploited](https://github.com/Nxploited)