GitHub repository for CVE-2023-3460 POC

# CVE-2023-3460
Exploit for CVE-2023-3460 - Unauthorized admin access for Ultimate Member plugin. Made with Golang
```
╔══════════════════════════════════════════════════╗ ╔══════════════════════════════════════════════════╗
║                    DISCLAIMER                    ║ ║                ABOUT THE PROJECT                 ║
║                                                  ║ ║                                                  ║
║ This Proof of Concept (PoC) has been developed   ║ ║ I had problems in some cases with this exploit.  ║
║ for educational and research purposes only.      ║ ║ Things like this must happen since it's a dev    ║
║ Its intention is to explore potential security   ║ ║ version. Project intended to increase the scope  ║
║ vulnerabilities and raise awareness about them.  ║ ║ of the exploit, and not need to open BurpSuite   ║
║                                                  ║ ║ and test by hand every time you find a WordPress ║
║ USAGE DISCLAIMER:                                ║ ║ WebApp. Improvements are on the way, and I       ║
║ Any use of this PoC on systems or websites you   ║ ║ promise I won't leave the dirty code as it is    ║
║ do not have explicit authorization for may       ║ ║ (I think).                                       ║
║ violate ethical standards and legal regulations. ║ ║                                                  ║
║                                                  ║ ║ UPCOMING FEATURES:                               ║
║ USAGE AT YOUR OWN RISK:                          ║ ║ - Scanning functionality to identify exposed     ║
║ Using this PoC on unauthorized systems or        ║ ║   systems                                        ║
║ websites may lead to legal consequences. Always  ║ ║ - Improved nonce search for various registration ║
║ obtain proper authorization before testing.      ║ ║   patterns                                       ║
║                                                  ║ ║ - Customizable admin creation options (Like set  ║
║ The creator of this PoC is not responsible       ║ ║   parameters that registration requires)         ║
║ for any misuse or damage caused by its usage.    ║ ║                                                  ║
║                                                  ║ ║                                                  ║
║                 [ Version 0.1 ]                  ║ ║               [ By BlackReaperSK ]               ║
╚══════════════════════════════════════════════════╝ ╚══════════════════════════════════════════════════╝
```
```
[4.0K] /data/pocs/7f74f600d503796f9eaa91b53a8ebf1b5a0b3132
├── [3.0K] CVE-2023-3460.go
├── [ 243] go.mod
├── [1020] go.sum
├── [1.0K] LICENSE
└── [3.1K] README.md

0 directories, 5 files
```