Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-24186 PoC — WordPress 代码问题漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2020/CVE-2020-24186.yaml
Associated Vulnerability
Title:WordPress 代码问题漏洞 (CVE-2020-24186)
Description:WordPress是WordPress基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。 WordPress wpDiscuz 7.0.4之前版本中存在远程代码执行漏洞,该漏洞允许攻击者上传任意文件。.
Description
WordPress wpDiscuz plugin versions  version 7.0 through 7.0.4 are susceptible to remote code execution. This flaw gave unauthenticated attackers the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable site's server.
File Snapshot

 id: CVE-2020-24186

info:
  name: WordPress wpDiscuz <=7.0.4 - Remote Code Execution
  author: Ganof

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.