CVE-2021-29447 PoC — WordPress 代码问题漏洞

Source

https://github.com/Val-Resh/CVE-2021-29447-POC

Associated Vulnerability

Title:WordPress 代码问题漏洞 (CVE-2021-29447)
Description:WordPress是WordPress（Wordpress）基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。 WordPress 存在代码问题漏洞，攻击者可利用该漏洞在成功的XXE攻击中可以访问内部文件。

Description

Proof of Concept for CVE-2021-29447 written in Python

Readme

# CVE-2021-29447 Proof of Concept 
Proof of Concept for CVE-2021-29447 written in Python.<br>
Details about the CVE can be found at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29447

## Disclaimer
This script is a PoC for authorized ethical security testing only.

## Usage
```
usage: python3 CVE-2021-29447.py [-h] --url URL --server-ip SERVER IP -u Username -p Password

This is a tool for demostrating a Proof of Concept for the CVE-2021-29447 affecting WordPress versions 5.7, 5.6.2,
5.6.1, 5.6, 5.0.11 Requires available port on 45454

optional arguments:
  -h, --help            show this help message and exit
  --url URL             Target host's URL
  --server-ip SERVER IP
                        Your IP. Used to host a server to receive the files.
  -u Username           User's Username
  -p Password           User's Password
```

File Snapshot


 [4.0K]  /data/pocs/6dac5f650446f0cb5ad0f08dad21f11e28705cb7
├── [7.6K]  CVE-2021-29447.py
└── [ 856]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!