OP 09 May, 2024 - 01:05 AM
Here's a cool find I'm sure someone could use:
Attack Surface: Wordpress plugin - https://valvepress.com
Vulnerability: SQLI
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0.
Exploit: https://github.com/diego-tella/CVE-2024-27956-RCE/
I feel like this would be an easy exploit to automate. Enjoy :)
Attack Surface: Wordpress plugin - https://valvepress.com
Vulnerability: SQLI
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0.
Exploit: https://github.com/diego-tella/CVE-2024-27956-RCE/
I feel like this would be an easy exploit to automate. Enjoy :)