The flaw allowed anybody to escalate their privileges to those of an administrator, as long as subscriber-level registration was enabled on a given WordPress site with the vulnerable plugin installed.

1. Log in as Subscriber.
2. Scrape the page (/wp-admin/index.php) for the connection key (i.e. view source and search for “Connection Key”). Copy the key. Excerpt:
wpCentral Connection Key
lsgp0jlf3hjnaudtozswglpdva4xodnd94hcu5qb81dzdpt4y3iagwerwbwukmcw78g2dihphluqxagvo7dmm0igxamp2cw58jan0jvjhmv7dh953ububhnuimkgnmlk

CPE

Name | Operator | Version |
---|---|---|
wp-central | lt | 1.5.1 |
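
A triage check for the two conditions described above (wp-central older than 1.5.1, and open registration), written as an added example that is not part of the original advisory or the plugin's code. It assumes WP-CLI (`wp`) is available for the live check and that the plugin slug matches the CPE name `wp-central`; the function names and the sample inventory are constructed for illustration.

```shell
#!/bin/sh
# First fixed version, taken from the page's CPE row (wp-central lt 1.5.1).
FIXED_VERSION="1.5.1"

# version_lt A B: succeeds when dotted version A is strictly lower than B.
# Components are compared numerically, so 1.10.0 is not lower than 1.5.1.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if ((x[i] + 0) < (y[i] + 0)) exit 0
            if ((x[i] + 0) > (y[i] + 0)) exit 1
        }
        exit 1
    }'
}

# classify VERSION USERS_CAN_REGISTER: print one verdict word.
#   VERSION             installed wp-central version, empty if not installed
#   USERS_CAN_REGISTER  WordPress option value (1 = anyone can register)
classify() {
    if [ -z "$1" ]; then
        echo "not-installed"
    elif ! version_lt "$1" "$FIXED_VERSION"; then
        echo "patched"
    elif [ "$2" = "1" ]; then
        echo "exposed"
    else
        # Still an affected version: existing Subscriber accounts can log in.
        echo "vulnerable-registration-closed"
    fi
}

# check_site PATH: gather both inputs from a live install through WP-CLI.
# Assumption: the plugin slug equals the CPE name "wp-central".
check_site() {
    site_version=$(wp --path="$1" plugin get wp-central --field=version 2>/dev/null)
    site_registration=$(wp --path="$1" option get users_can_register 2>/dev/null)
    classify "$site_version" "$site_registration"
}

# Constructed sample inventory: site, plugin version, users_can_register.
while read -r site ver reg; do
    printf '%s: %s\n' "$site" "$(classify "$ver" "$reg")"
done <<'EOF'
blog.example 1.5.0 1
shop.example 1.5.1 1
docs.example 1.4.9 0
EOF
```

On a real host, `check_site /var/www/html` replaces the sample loop; the path is a placeholder for the WordPress root.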