Privilege Escalation

wordpress is vulnerable to privilege escalation. Using XML-RPC allows an unprivileged user to comment on a post as wp-includes/class-wp-xmlrpc-server.php does not enforce the permission to restrict it...

WordPress <= 4.3.0 权限提升漏洞

越权操作位于 XMLRPC 文章编辑操作中，涉及文件 /wp-includes/class-wp-xmlrpc-server.php 5042-5327 其中关键代码分析： public function mweditPost $args $this-escape $args ; $postID = int $args0; // 获取需要编辑的文章ID 用户所属 $username = $args1; // 从请求的xml中获取用户名 $password = $args2; // 从请求的xml中获取用户密码 $contentstruct = $args3; // 从请求的xml中获取结...