exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Nex Team

WordPress Backup Migration 1.3.7 Remote Command Execution

Posted Jan 18, 2024

Authored by jheysel-r7, Valentin Lobstein, Nex Team | Site metasploit.com

This Metasploit module exploits an unauthenticated remote command execution vulnerability in WordPress Backup Migration plugin versions 1.3.7 and below. The vulnerability is exploitable through the Content-Dir header which is sent to the /wp-content/plugins/backup-backup/includes/backup-heart.php endpoint. The exploit makes use of a neat technique called PHP Filter Chaining which allows an attacker to prepend bytes to a string by continuously chaining character encoding conversions. This allows an attacker to prepend a PHP payload to a string which gets evaluated by a require statement, which results in command execution.

tags | exploit, remote, php

advisories | CVE-2023-6553

SHA-256 | 1feecca12306422ebe993c3821d87be77ad3056e719f9dcbae7c033f156e447f

Download | Favorite | View

WordPress Backup Migration 1.3.7 Remote Code Execution

Posted Dec 12, 2023

Authored by Nex Team | Site wordfence.com

WordPress Backup Migration plugin versions 1.3.7 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution

advisories | CVE-2023-6553

SHA-256 | 203e34e920d3b9a7fe4d03e187ec4eba212c533383031415d2c9a09ba3f9606c

Download | Favorite | View