CVE-2024-11613 PoC — WordPress plugin WordPress File Upload 代码注入漏洞

Source

Associated Vulnerability

Description

Exploit by Chirag Artani for CVE-2024-11613 in WordPress File Upload

Readme

# CVE-2024-11613-wp-file-upload
Exploit by Chirag Artani (https://3rag.com) for CVE-2024-11613 in WordPress File Upload

### Here is information -

The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution, Arbitrary File Read, and Arbitrary File Deletion in all versions up to, and including, 4.24.15 via the 'wfu_file_downloader.php' file. This is due to lack of proper sanitization of the 'source' parameter and allowing a user-defined directory path. This makes it possible for unauthenticated attackers to execute code on the server.

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-file-upload/wordpress-file-upload-42415-unauthenticated-remote-code-execution-arbitrary-file-read-and-arbitrary-file-deletion


![image](https://github.com/user-attachments/assets/42501138-4e07-4901-986e-f790250c2d6d)

https://x.com/theabrahack/status/1876736264205971654

An Example- 

![image](https://github.com/user-attachments/assets/68d1210e-d2aa-481b-ba63-940232631675)

Note: version below 4.24.15 are vulnerable for the path traversal vulnerability, then it can lead to exploit it for RCE by creating json stuff. 

Join - https://x.com/Chirag99Artani

File Snapshot

 [4.0K]  /data/pocs/87483598867c54b90367b071e4b9c8bd341b99f8
├── [7.5K]  poc.php
└── [1.2K]  README.md

0 directories, 2 files

Remarks