mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
2.0 KiB
2.0 KiB
CVE-2021-24499
Description
The Workreap WordPress theme before 2.2.2 AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to the uploads/workreap-temp directory. Uploaded files were neither sanitized nor validated, allowing an unauthenticated visitor to upload executable code such as php scripts.
POC
Reference
- http://packetstormsecurity.com/files/172876/WordPress-Workreap-2.2.2-Shell-Upload.html
- https://jetpack.com/2021/07/07/multiple-vulnerabilities-in-workreap-theme/
- https://wpscan.com/vulnerability/74611d5f-afba-42ae-bc19-777cdf2808cb
Github
- https://github.com/20142995/nuclei-templates
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/RyouYoo/CVE-2021-24499
- https://github.com/buka-pitch/Exploit-for-WordPress-Theme-Workreap-2.2.2
- https://github.com/hh-hunter/cve-2021-24499
- https://github.com/j4k0m/CVE-2021-24499
- https://github.com/jytmX/CVE-2021-24499
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/manas3c/CVE-POC
- https://github.com/n0-traces/cve_monitor
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/whoforget/CVE-POC
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/youwizard/CVE-POC