CVE-2020-24186 PoC — WordPress 代码问题漏洞

Source

https://github.com/Sakura-501/CVE-2020-24186-exploit

Associated Vulnerability

Title:WordPress 代码问题漏洞 (CVE-2020-24186)
Description:WordPress是WordPress基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。 WordPress wpDiscuz 7.0.4之前版本中存在远程代码执行漏洞，该漏洞允许攻击者上传任意文件。.

Description

CVE-2020-24186的攻击脚本

Readme

# CVE-2020-24186-exploit
CVE-2020-24186的攻击脚本  
Exp使用方法：  
Commands:  
- Windows/Linux:  
- python3 CVE-2020-24186.py -u <Base_Host> -p <BlogPost_URL>   
Example：  
- python3 CVE-2020-24186.py -u http://127.0.0.1 -p /wordpress/2022/04/04/hello-world  
![](example.png)

File Snapshot


 [4.0K]  /data/pocs/0fe52d326536f7d8bdc7a5f0e31387b1a437c215
├── [5.4K]  CVE-2020-24186.py
├── [434K]  example.png
└── [ 290]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!