Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpexploitDaveWPEX-ID:C549CF1F-58D1-42C9-97DB-C1D0E4BC505B
HistoryJan 14, 2020 - 12:00 a.m.

Backup and Staging by WP Time Capsule < 1.21.16 - Authentication Bypass

2020-01-1400:00:00
Dave
12

0.099 Low

EPSS

Percentile

94.9%

JSON

It is possible to login as an administrator on the site due to logical mistakes in the code.

The issue resides in wptc-cron-functions.php line 12 where it parses the request. This parse_request function calls the function decode_server_request_wptc which check if the raw POST payload contains a certain string. If it does, it calls wptc_login_as_admin and you'll be logged in as an administrator.

Related

cve 1
wpvulndb 1
prion 1
nuclei 1
nvd 1
cvelist 1
cve
cve
CVE-2020-8771
2020-02-06 17:15:14
wpvulndb
wpvulndb
Backup and Staging by WP Time Capsule < 1.21.16 - Authentication Bypass
2020-01-14 00:00:00
prion
prion
Design/Logic Flaw
2020-02-06 17:15:00
nuclei
nuclei
WordPress Time Capsule < 1.21.16 - Authentication Bypass
2021-03-10 06:59:08
nvd
nvd
CVE-2020-8771
2020-02-06 17:15:14
cvelist
cvelist
CVE-2020-8771
2020-02-06 16:27:19

0.099 Low

EPSS

Percentile

94.9%

JSON
Related for WPEX-ID:C549CF1F-58D1-42C9-97DB-C1D0E4BC505B
cve1wpvulndb1prion1nuclei1nvd1cvelist1