cve/CVE-2023-28121.md at main

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-05 10:17:57 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

1.3 KiB

Raw Permalink Blame History

CVE-2023-28121

Description

An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauthenticated attacker to send requests on behalf of an elevated user, like administrator. This allows a remote, unauthenticated attacker to gain admin access on a site that has the affected version of the plugin activated.

POC

Reference

https://www.rcesecurity.com/2023/07/patch-diffing-cve-2023-28121-to-compromise-a-woocommerce/

Github

https://github.com/1337nemojj/CVE-2023-28121
https://github.com/ARPSyndicate/cvemon
https://github.com/Jenderal92/CVE-2023-28121
https://github.com/Jenderal92/WP-CVE-2023-28121
https://github.com/XRSec/AWVS-Update
https://github.com/gbrsh/CVE-2023-28121
https://github.com/getdrive/PoC
https://github.com/iluaster/getdrive_PoC
https://github.com/im-hanzou/Mass-CVE-2023-28121
https://github.com/nomi-sec/PoC-in-GitHub
https://github.com/rio128128/Mass-CVE-2023-28121-kdoec

1.3 KiB Raw Permalink Blame History

CVE-2023-28121

Description

POC

Reference

Github

1.3 KiB

Raw Permalink Blame History