CVE-2023-5360 PoC — WordPress Plugin Royal Elementor Addons and Templates 代码问题漏洞

Source

https://github.com/1337r0j4n/CVE-2023-5360

Associated Vulnerability

Title:WordPress Plugin Royal Elementor Addons and Templates 代码问题漏洞 (CVE-2023-5360)
Description:WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress Plugin Royal Elementor Addons and Templates 1.3.79 版本之前存在代码问题漏洞，该漏洞源于无法正确验证上传的文件，这可能导致远程代码执行。

Description

CVE-2023-5360 Exploit/POC

Readme

# CVE-2023-5360 Exploit/POC

Exploit for the unauthenticated file upload vulnerability in WordPress's Royal Elementor Addons and Templates plugin (< 1.3.79). CVE-ID: CVE-2023-5360. 

## usage
#### single 
```
bash CVE_2023_5360.sh https://target.com
```

#### mass
```
while read sites; do bash CVE_2023_5360.sh $sites; done < yours_list.txt
```

## POC vd
https://shorturl.at/ioV35

File Snapshot


 [4.0K]  /data/pocs/1fbd36673fd5e470e670da20f5b382df5b2a4cda
├── [ 637]  CVE_2023_5360.sh
└── [ 383]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!