13 matches found
Exploit for Unrestricted Upload of File with Dangerous Type in Wordpress
PoC exploit for CVE-2019-8942 and CVE-2019-8943, a pair of vulne...
WordPress Core Directory Traversal (CVE-2019-8943)
A directory traversal vulnerability exists in WordPress. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...
WordPress < 5.0.4 Directory Traversal Vulnerability
According to its self-reported version number, the WordPress application running on the remote web server is prior to 5.0.4. It is, therefore, affected by a directory traversal vulnerability in its wpcropimage component. An authenticated, remote attacker can exploit this, by sending a URI that...
WordPress Core 5.0.0 - Crop-image Shell Upload (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Crop-image Shell Upload', 'Description' = %q This module exploits a path traversal and a local file inclusion vulnerability on WordPres...
WordPress 5.0.0 crop-image Shell Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Crop-image Shell Upload', 'Description' = %q This module exploits a path traversal and a local file inclusion vulnerability on WordPres...
CVE-2019-8943
creationtimestamp| type| source ---|---|--- 2019-03-01 08:59:30+00:00| published-proof-of-concept| https://t.me/antichat/3785 2019-03-01 09:58:50+00:00| seen| https://t.me/thebugbountyhunter/2368 2019-04-04 20:32:00+00:00| seen|...
WordPress < 5.1 Path Traversal Vulnerability - Linux
WordPress allows Path Traversal in wpcropimage. An attacker who has privileges to crop an image can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring...
WordPress RCE Vulnerability (CVE-2019-8942) - Windows
WordPress allows remote code execution RCE because an wpattachedfile Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif...
Remote code execution
WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an wpattachedfile Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image...
DEBIAN-CVE-2019-8943
WordPress through 5.0.3 allows Path Traversal in wpcropimage. An attacker who has privileges to crop an image can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring...
CVE-2019-8942
WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an wpattachedfile Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image...
CVE-2019-8942
WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an wpattachedfile Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image...
CVE-2019-8943
CVE-2019-8943 affects WordPress up to version 5.0.3, where wp_crop_image() path traversal allows an image-cropping user to write the output image to an arbitrary directory by crafting a filename with two image extensions and ../ sequences. Arch Linux advisory confirms remote code execution risk v...