12 matches found
Exploit for Improper Authentication in Automattic Woocommerce_Payments
CVE-2023-28121 usage: CVE-2023-28121.py -h -v RHOST R...
Wordpress Plugin WooCommerce Payments Unauthenticated Admin Creation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Plugin WooCommerce Payments Unauthenticated Admin Creation', 'Description' = %q WooCommerce-Payments plugin for Wordpress versions 4.8'...
Exploit for Improper Authentication in Automattic Woocommerce_Payments
WP-CVE-2023-28121 WooCommerce Payments Python 2.7 Buy Coff...
Massive Targeted Exploit Campaign Against WooCommerce Payments Underway
The Wordfence Threat Intelligence team has been monitoring an ongoing exploit campaign targeting a recently disclosed vulnerability in WooCommerce Payments, a plugin installed on over 600,000 sites. Large-scale attacks against the vulnerability, assigned CVE-2023-28121, began on Thursday, July 14...
VulnCheck KEV: CVE-2023-28121
An issue in WooCommerce Payments plugin for WordPress versions 5.6.1 and lower allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of...
Metasploit Weekly Wrap-Up
Authentication bypass in Wordpress Plugin WooCommerce Payments This week's Metasploit release includes a module for CVE-2023-28121 by h00die. This module can be used against any wordpress instance that uses WooCommerce payments 5.6.1. This module exploits an auth by-pass vulnerability in the...
Exploit for Improper Authentication in Automattic Woocommerce_Payments
CVE-2023-28121 WooCommerce Payments - For installing requirem...
CVE-2023-28121
creationtimestamp| type| source ---|---|--- 2023-06-04 12:58:07+00:00| published-proof-of-concept| https://t.me/fiolatools/33 2023-06-16 16:19:30+00:00| seen| Telegram/xmGrvZC6z26tJLfWlCFMttFnMoKCiuzW0O-s-STZ5EfVg 2023-06-16 18:18:29+00:00| seen|...
CVE-2023-28121
An issue in WooCommerce Payments plugin for WordPress versions 5.6.1 and lower allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the...
CVE-2023-28121
CVE-2023-28121 – WooCommerce Payments (WordPress) An authentication bypass vulnerability affects the WooCommerce Payments plugin for WordPress, in versions 5.6.1 and lower. An unauthenticated attacker can induce requests or actions that run with an elevated user (e.g., administrator) privileges, ...
Exploit for Improper Authentication in Automattic Woocommerce_Payments
CVE-2023-28121 WooCommerce Payments: Unauthorized Admin Access...
WordPress WooCommerce Payments Plugin Authentication Bypass Vulnerability (Mar 2023)
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:automattic:woopayments"; ifdescription...