CVE-2024-6624 | JSON API User <= 3.9.3 - Unauthenticated Privilege Escalation

This is a Python script that exploits the CVE-2024-6624 vulnerability in the JSON API User <= 3.9.3 plugin for WordPress. This tool allows unauthenticated attackers to register new users and escalate their privileges to administrator without authorization.

How to Use

Preparation

Ensure that Python 2.7 is installed on your system.
Install the requests dependency:
```
pip install requests
```
Prepare a text file (urls.txt) containing a list of target URLs (one URL per line).

Usage Steps

Run the script:
```
python CVE-2024-6624.py
```
Enter the filename containing the target URLs when prompted:
```
Enter the filename containing the URL list: urls.txt
```
The script will process each URL in the list and attempt to exploit the vulnerability.
Successful exploit results will be saved in the admin.txt file in the following format:
```
http://example.com/wp-login.php|ngocoxscrew|ngocoxs_crews+
```

Disclaimer

I have written the disclaimer on the cover of Jenderal92. You can check it HERE !!!

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
CVE-2024-6624.py		CVE-2024-6624.py
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

CVE-2024-6624 | JSON API User <= 3.9.3 - Unauthenticated Privilege Escalation

How to Use

Preparation

Usage Steps

Disclaimer

About

Releases

Packages

Languages

Jenderal92/CVE-2024-6624

Folders and files

Latest commit

History

Repository files navigation

CVE-2024-6624 | JSON API User <= 3.9.3 - Unauthenticated Privilege Escalation

How to Use

Preparation

Usage Steps

Disclaimer

About

Topics

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages