CVE-2015-10140
Published 2025-07-22

Priority: P2 (high), CVSS 3.1 base score 8.8
CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploit: public exploit available
EPSS: 0.99% (58.2th percentile)
The Ajax Load More plugin before 2.8.1.2 does not perform authorisation checks in some of its AJAX actions, allowing any authenticated user, such as a subscriber, to upload and delete arbitrary files.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| connekthq | ajax_load_more | < 2.8.1.2 | 2.8.1.2 |
Detection & IOCs (extracted from sources)
- Monitor for unauthenticated or low-privileged (e.g. subscriber-role) WordPress AJAX requests that result in file uploads or deletions; these indicate missing authorisation checks in Ajax Load More AJAX actions.
- Alert on PHP file uploads to WordPress via AJAX endpoints associated with the Ajax Load More plugin, as exploitation results in arbitrary PHP file upload and remote code execution.
- The Metasploit module wp_ajax_load_more_file_upload.rb targets this vulnerability; use of this module against a WordPress instance should be treated as an active exploitation attempt.
- Exploitation requires only subscriber-level authentication: any authenticated WordPress user account is sufficient, which significantly lowers the bar for exploitation.
- The Metasploit module was tested on specific OS/WordPress combinations; behaviour may vary outside Ubuntu 12.04/14.04 with WordPress 4.1.3.
No detection rules found.
No writeups or analysis indexed.