Wordpress BulletProof Security Backup Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/zip' class MetasploitModule 'Wordpress BulletProof Security Backup Disclosure', 'Description' = %q The Wordpress plugin BulletProof Security, versions 'Ron...

WordPress Perfect Survey Plugin - 1.5.1 - SQL injection (Unauthenticated) Exploit

Exploit Title: WordPress Plugin Perfect Survey - 1.5.1 - SQLi Unauthenticated Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.getperfectsurvey.com/ Software Link: https://web.archive.org/web/20210817031040/https://downloads.wordpress.org/plugin/perfect-survey.1.5.1.zip Version:...

Wordpress 404 to 301 2.0.2 Plugin - SQL Injection (Authenticated) Exploit

Exploit Title: Wordpress Plugin 404 to 301 2.0.2 - SQL-Injection Authenticated Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://de.wordpress.org/plugins/404-to-301/ Software Link: https://downloads.wordpress.org/plugin/404-to-301.2.0.2.zip Version: = 2.0.2 Tested on: Ubuntu 20.04 CV...

WordPress Modern Events Calendar V 6.1 Plugin - SQL Injection (Unauthenticated) Exploit

Exploit Title: WordPress Plugin Modern Events Calendar V 6.1 - SQL Injection Unauthenticated Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://webnus.net/modern-events-calendar/ Software Link: https://downloads.wordpress.org/plugin/modern-events-calendar-lite.6.1.0.zip Version: = 6.1...

WordPress WP Visitor Statistics 4.7 SQL Injection

Exploit Title: WordPress Plugin WP Visitor Statistics 4.7 - SQL Injection Date 22/12/2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.plugins-market.com/ Software Link: https://downloads.wordpress.org/plugin/wp-stats-manager.4.7.zip Version: = 4.7 Tested on: Ubuntu 18.04 CV...

Wordpress Catch Themes Demo Import 1.6.1 Plugin- Remote Code Execution Exploit

Exploit Title: Wordpress Plugin Catch Themes Demo Import 1.6.1 - Remote Code Execution RCE Authenticated Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://wordpress.org/plugins/catch-themes-demo-import/ Software Link:...

WordPress BulletProof Security 5.1 Information Disclosure

Exploit Title: Wordpress Plugin BulletProof Security 5.1 - Sensitive Information Disclosure Date 04.10.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://forum.ait-pro.com/read-me-first/ Software Link: https://downloads.wordpress.org/plugin/bulletproof-security.5.1.zip Version: =...

WordPress Modern Events Calendar 5.16.2 Information Disclosure

Exploit Title: Wordpress Plugin Modern Events Calendar 5.16.2 - Event export Unauthenticated Date 01.07.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://webnus.net/modern-events-calendar/ Software Link: https://downloads.wordpress.org/plugin/modern-events-calendar-lite.5.16.2.z...

Wordpress Modern Events Calendar 5.16.2 Plugin - Event export (Unauthenticated) Exploit

Exploit Title: Wordpress Plugin Modern Events Calendar 5.16.2 - Event export Unauthenticated Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://webnus.net/modern-events-calendar/ Software Link: https://downloads.wordpress.org/plugin/modern-events-calendar-lite.5.16.2.zip Version: Befo...

WordPress Modern Events Calendar 5.16.2 Shell Upload

Exploit Title: Wordpress Plugin Modern Events Calendar 5.16.2 - Remote Code Execution Authenticated Date 01.07.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://webnus.net/modern-events-calendar/ Software Link:...

Wordpress XCloner 4.2.12 Plugin - Remote Code Execution (Authenticated) Exploit

Exploit Title: Wordpress Plugin XCloner 4.2.12 - Remote Code Execution Authenticated Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.xcloner.com/ Software Link: https://downloads.wordpress.org/plugin/xcloner-backup-and-restore.4.2.12.zip Version: 4.2.1 - 4.2.12 Tested on: Ubunt...