`[x] Wordpress Magn WP Drag and Drop Upload Shell Upload Vulnerability
[x] Author: JingoBD [http://facebook.com/life.is.code]
[x] Bangladesh Cyber Army
[x] Download Link:
http://wordpress.org/extend/plugins/magn-html5-drag-and-drop-media-uploader/
[x] Version : 0.9 (Last Version)
[x] Tested On: Linux(Ubuntu) & Win7 32
-[Exploit]-:
[*] Dork: No Dork For Kids. :p
[*] Register vulnerable site. www.site.com/wp-register.php [N.B: If
public registration disable This exploit is not work]
[*] Confrim your email, then login.
[*] Add a new post and Drag and Drop your shell[PHP SHELL] in
Drag,Drop Box. It show Error.
[*] Your shell:
http://localhost/wp-content/plugins/magn-html5-drag-and-drop-media-uploader/temp/SHELL.php
=================================================================
We Are: --| Bedu33n, N!1l Rex0Man, ManInDark, Escape X0ne(Eclipse ),
Desert_Rose, 00xnull, 34GL3_3Y3, 5!L3NT @55@55!N, s1l3n7 BD, Rudr0
Akash, p5YcH0 d0d93r, Tr0oN |--
=================================================================
BANGLADESH CYBER ARMY
http://facebook.com/BDCyberArmy
`