CVE-2024-9593 PoC — WordPress plugin Time Clock plugin and Time Clock Pro 代码注入漏洞

Source

https://github.com/0x4f5da2-venom/CVE-2024-9593-EXP

Associated Vulnerability

Title:WordPress plugin Time Clock plugin and Time Clock Pro 代码注入漏洞 (CVE-2024-9593)
Description:WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin Time Clock plugin and Time Clock Pro 1.2.2版本及之前版本存在代码注入漏洞，该漏洞源于包含一个远程代码执行。

Description

CVE-2024-9593  WordPress插件的远程代码执行

Readme

# CVE-2024-9593-EXP
CVE-2024-9593  WordPress插件的远程代码执行
代码中我加入了高线程异步协同批量脚本，速度极快200多个url达到惊人的6s，准确率也是极高！！
执行python CVE-2024-9593.py 之后输入 xx.txt地址就行 即可
<img width="881" alt="image" src="https://github.com/user-attachments/assets/deb4a458-8186-44d4-b227-552d66ea043c">

![image](https://github.com/user-attachments/assets/9e387233-e9d4-4ac1-98f4-fd7bc930b339)

File Snapshot


 [4.0K]  /data/pocs/6516bea7c618f23e87fdecdb9a2356200dc08017
├── [1.4K]  CVE-2024-9593.py
└── [ 477]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!