来源

关联漏洞

介绍

# CVE-2024-12849-Poc
## 📜  Description
The Error Log Viewer By WP Guru plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.0.1.3 via the wp_ajax_nopriv_elvwp_log_download AJAX action. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.

### ⚙️ Install the required packages
```
pip install requests

```
### ⚙ Check Version and Download Default File 
Example Command

```
python CVE-2024-12849.py -u http://192.168.100.74/wordpress

```
### 🔍 Download a Custom File:
To download a specific file from the server, use the --file (or -f) option to specify the path to the file.
The script sends a request to fetch the file and saves the response.

Example Command:

```
python main.py -u http://192.168.100.74/wordpress -f /path/file

```
### 🔍 Download wp-config.php
To download the sensitive wp-config.php file, use the --path (or -p) option to specify the WordPress installation directory.
The script appends /wp-config.php to the given path and attempts to retrieve the file.

Example Command:

```
python main.py -u http://192.168.100.74/wordpress -p /opt/lampp/htdocs/wordpress

```
### 📡  Results Logging
All results, including successes and errors, are logged into a file named data.txt.
This file contains timestamps for each action, making it easy to review past operations.


### Note
This script is provided for educational purposes only. The author is not responsible for any damages caused by the misuse of this script.

文件快照

 [4.0K]  /data/pocs/2da69f3f6d758fb5cb27ba7ff10d830428c2aa11
├── [5.2K]  CVE-2024-12849.py
└── [1.6K]  README.md

0 directories, 2 files

备注