3 matches found
Wordpress XCloner 4.2.12 Plugin - Remote Code Execution (Authenticated) Exploit
Exploit Title: Wordpress Plugin XCloner 4.2.12 - Remote Code Execution Authenticated Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.xcloner.com/ Software Link: https://downloads.wordpress.org/plugin/xcloner-backup-and-restore.4.2.12.zip Version: 4.2.1 - 4.2.12 Tested on: Ubunt...
WordPress XCloner 4.2.12 Remote Code Execution
Exploit Title: Wordpress Plugin XCloner 4.2.12 - Remote Code Execution Authenticated Date 30.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.xcloner.com/ Software Link: https://downloads.wordpress.org/plugin/xcloner-backup-and-restore.4.2.12.zip Version: 4.2.1 - 4.2.12...
CVE-2020-35948
The CVE-2020-35948 issue affects the WordPress plugin XCloner Backup and Restore (versions prior to 4.2.13). The root cause is an insecure write_file_action in xcloner_restore.php that can overwrite files (e.g., wp-config.php), enabling authenticated attackers to modify arbitrary files and achiev...