CVE-2023-5360 PoC — WordPress Plugin Royal Elementor Addons and Templates 代码问题漏洞

Source

https://github.com/Chocapikk/CVE-2023-5360

Associated Vulnerability

Title:WordPress Plugin Royal Elementor Addons and Templates 代码问题漏洞 (CVE-2023-5360)
Description:WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress Plugin Royal Elementor Addons and Templates 1.3.79 版本之前存在代码问题漏洞，该漏洞源于无法正确验证上传的文件，这可能导致远程代码执行。

Description

Exploit for the unauthenticated file upload vulnerability in WordPress's Royal Elementor Addons and Templates plugin (< 1.3.79). CVE-ID: CVE-2023-5360.

Readme

# 🚀 WordPress Royal Elementor Addons and Templates Exploit

Exploit for the unauthenticated file upload vulnerability in Royal Elementor Addons and Templates < 1.3.79.

## 📌 Description

The `Royal Elementor Addons and Templates` plugin for WordPress is vulnerable to an unauthenticated file upload vulnerability. This exploit leverages this vulnerability to upload malicious payloads to vulnerable WordPress installations.

Vulnerable versions: < 1.3.79  
CVE-ID: CVE-2023-5360  
WPVDB ID: [281518ff‑7816‑4007‑b712‑63aed7828b34](https://wpscan.com/vulnerability/281518ff‑7816‑4007‑b712‑63aed7828b34/)  
CVSSv3.1: 10.0

## 🛠️ Installation

1. Clone the repository:
    ```bash
    git clone https://github.com/Chocapikk/CVE-2023-5360.git
    ```

2. Navigate to the repository's directory:
    ```bash
    cd CVE-2023-5360
    ```

3. Install the required dependencies:
    ```bash
    pip install -r requirements.txt
    ```

## 🛠️ Usage

1. Use the following command to exploit a single URL:
    ```bash
    python3.10 exploit.py -u <TARGET_URL> -v
    ```
   Or use the following command to exploit a list of URLs:
    ```bash
    python3.10 exploit.py -l <URL_LIST_FILE> -v
    ```

Optional arguments:  
`-f, --file` : Use a custom PHP file to upload  
`-o, --output`: Save vulnerable URLs to an output file  
`-t, --threads`: Specify the number of threads to use (default is 200)  
`-T, --timeout`: Specify the request timeout in seconds (default is 10)

## 📣 Disclaimer

🚫 **Usage of this exploit without prior mutual consent is illegal.** It's the end user's responsibility to obey all applicable local, state, and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

## ⚠️ Advisory

Ensure your WordPress installations are fully updated to safeguard against this vulnerability. Particularly, update the `Royal Elementor Addons and Templates` plugin to version 1.3.79 or later.

## 🙏 Acknowledgements

Kudos to all researchers and developers working hard to protect the web!

File Snapshot


 [4.0K]  /data/pocs/6b559d2c4b4f2eeb32715406f869540875930ee8
├── [8.1K]  exploit.py
├── [2.0K]  README.md
└── [  52]  requirements.txt

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!