关联漏洞
描述
Post Saint <= 1.3.1 plugin for WordPress Arbitrary File Upload
介绍
# CVE-2024-1247-PoC
Post Saint <= 1.3.1 plugin for WordPress Arbitrary File Upload
# Description
The **Post Saint** plugin for WordPress (versions up to and including 1.3.1) is vulnerable to arbitrary file uploads due to missing capability checks and file type validation. Authenticated attackers with at least subscriber-level access can exploit this vulnerability to upload arbitrary files, potentially leading to remote code execution.
### Features
- Detects vulnerable plugin versions.
- Logs into WordPress using provided credentials.
- Exploits the vulnerability to upload arbitrary files.
### Usage
#### Prerequisites
1. Install Python 3.8 or later.
2. Install the required libraries:
```
pip install requests packaging urllib3
```
### Usage -help
```
CVE-2024-12471 | Post Saint plugin for wordpress Arbitrary File Upload
options:
-h, --help show this help message and exit
-u URL, --url URL Base URL of the WordPress site
-un USERNAME, --username USERNAME
WordPress username
-p PASSWORD, --password PASSWORD
WordPress password
-ru REMOTE_URL, --remote_url REMOTE_URL
Remote URL of the shell file to inject
```
### Example:
```
python CVE-2024-12471.py -u <Base URL> -un <Username> -p <Password> -ru <Remote Shell URL>
```
### Disclaimer
This script is for educational and research purposes only. Unauthorized use against systems you do not own or have explicit permission to test is illegal and unethical.
文件快照
[4.0K] /data/pocs/97bad60c5d8d59f03675a535a8e4b4f9c7d19a52
├── [5.2K] CVE-2024-12471.py
└── [1.5K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。