CVE-2024-27956 PoC — WordPress Plugin WP Automatic SQL注入漏洞

Source

https://github.com/7aRanchi/CVE-2024-27956-for-fscan

Associated Vulnerability

Title:WordPress Plugin WP Automatic SQL注入漏洞 (CVE-2024-27956)
Description:WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress Plugin WP Automatic 存在SQL注入漏洞，该漏洞源于存在 SQL 注入漏洞。

Description

Yaml PoC rule for fscan.

Readme

# 🛑CVE-2024-27956-for-fscan
_Thanks for PoC by diego-tella_
## _English_
_This is a Yaml PoC rule of CVE-2024-27956 Wordpress Automatic SQLi for fscan._
### _How to use:_
1. _Add the yml file to path:/fscan-main/WebScan/pocs._
2. _Build the fscan's go files._
3. _Start the fscan and enjoy._
### _Attention:_
_If the vulnerability exists,fscan will create a new user by requesting.  
You can change the SQL query if creating a user is not allowed in your test._
## _中文_
_fscan自定义规则：CVE-2024-27956 Wordpress Automatic SQL注入漏洞_
### _如何使用：_
1. _将 yml 规则文件添加到 fscan 目录 /fscan-main/WebScan/pocs 下_
2. _编译fscan_
3. _运行fscan_
### _注意：_
_如果漏洞存在，fscan会在目标WordPress下创建一个用户，如果你的测试不允许创建用户，请修改SQL语句，漏洞存在的回显内容是一样的。_

File Snapshot


 [4.0K]  /data/pocs/20f8e2e76c50a50c7113110a3b526940b82e2e09
├── [ 881]  README.md
└── [1.2K]  WordPress-Automatic-CVE-2024-27956.yml

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!