CVE-2024-9796 PoC — WordPress plugin WP-Advanced-Search 安全漏洞

Source

https://github.com/BwithE/CVE-2024-9796

Associated Vulnerability

Title:WordPress plugin WP-Advanced-Search 安全漏洞 (CVE-2024-9796)
Description:WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin WP-Advanced-Search 3.3.9.2之前版本存在安全漏洞，该漏洞源于对参数的清理和转义不足，允许未经身份验证的用户执行SQL注入攻击。

Description

CVE-2024-9796 WP-Advanced-Search < 3.3.9.2 - Unauthenticated SQL Injection. Poc.

Readme

# CVE-2024-9796 WP-Advanced-Search < 3.3.9.2 - Unauthenticated SQL Injection

## Description
The PoC SQL injection will dump WordPress users and hashes.

## Disclaimer:
This script is for educational use only. 

Do not use it for illegal purposes. 

If you do, it’s entirely your responsibility; I am not liable for any misuse.

## More information on the exploit
https://wpscan.com/vulnerability/2ddd6839-6bcb-4bb8-97e0-1516b8c2b99b/

## Usage:
```
# Successful attempt
python3 poc.py -i 127.0.0.1
[!] 127.0.0.1 has been PWNed!
admin:$P$H5blBNpO5AVI7eDJJi95E6pso16h981
user:$P$H1Sa1pcnzwWha3G9XH5rkfB6wOcE2a1

# unsuccessful attempt
python3 poc.py -i 127.0.0.1
[!] Doesn't look vulnerable..
```

File Snapshot


 [4.0K]  /data/pocs/f315074841952d2f17ed7cd0f2f52ced40d8c4e2
├── [1.4K]  poc.py
└── [ 698]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!