WARNING! Fake news / Disputed / BOGUS

Wordpress Better-wp-security Plugin Remote Code Execution

2015-04-02 / 2015-04-04
Credit: Milad Hacking
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] | [+] Exploit Title: Wordpress Better-wp-security Plugin Remote Code Execution | [+] Exploit Author: Milad Hacking | [+] Vendor Homepage : https://wordpress.org/plugins/better-wp-security/ | [+] Download Link : https://downloads.wordpress.org/plugin/better-wp-security.4.6.12.zip | [+] Tested on: Kali , lceweasel | [+] Date : 2015-04-04 | [+] Version : 4.6.12 | [+] Google Dork : inurl:wp-content/plugins/better-wp-security | [+] Discovered By : Milad Hacking |-------------------------------------------------------------------------| | [+] Exploit: | | [+] Location : http://site.com/wp-content/plugins/better-wp-security/better-wp-security.php | [+] Vulnerability is also triggered in: http://site.com/wp-content/plugins/better-wp-security/core/class-itsec-core.php | [+] Vulnerable Code : Line 723 | [+] Screenshot : http://fullsecurity.org/acc/wp-content/uploads/Screenshot-from-2015-04-03-012110-e1427980993309.png public function admin_tooltip_ajax() { global $itsec_globals; if ( ! isset( $_POST['nonce'] ) || ! wp_verify_nonce( sanitize_text_field( $_POST['nonce'] ), 'itsec_tooltip_nonce' ) ) { die (); } if ( sanitize_text_field( $_POST['module'] ) == 'close' ) { $data = $itsec_globals['data']; $data['tooltips_dismissed'] = true; update_site_option( 'itsec_data', $data ); } else { call_user_func_array( $this->tooltip_modules[ sanitize_text_field( $_POST['module'] ) ]['callback'], array() ); } die(); // this is required to return a proper result } [+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]

References:

https://downloads.wordpress.org/plugin/better-wp-security.4.6.12.zip


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2017, cxsecurity.com

 

Back to Top