WordPress Plugin Contact Form Check Tester 1.0.2 – Broken Access Control

Exploit Database
94 阅读

作者： 0xB9

日期： 2022-02-02
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/50703/

# Exploit Title: WordPress Plugin Contact Form Check Tester 1.0.2 - Broken Access Control
# Date: 2/28/2021
# Author: 0xB9
# Software Link: https://wordpress.org/plugins/contact-fo...ck-tester/
# Version: 1.0.2
# Tested on: Windows 10
# CVE: CVE-2021-24247

1. Description:
The plugin settings are visible to all registered users in the dashboard.
A registered user can leave a payload in the plugin settings.

2. Proof of Concept:
- Register an account
- Navigate to the dashboard
- Go to CF7 Check Tester -> Settings
- Add a form
- Add a field to the form
- Put in a payload in either Field selector or Field value"><script>alert(1)</script>
- Save
Anyone who visits the settings page will execute the payload.

last Exploits
WordPress Plugin Contact Form Check Tester 1.0.2 – Broken Access Control的更多信息

kora – Reinstall Admin Information：
osCSS 1.2.1 – Arbitrary File Upload：
Umapresence – Local File Inclusion / Arbitrary File Deletion：
WordPress Plugin Simple Ads Manager – Information Disclosure：
Veeam ONE Reporter 9.5.0.3201 – Persistent Cross-Site Scripting：
Online Clothing Store 1.0 – Persistent Cross-Site Scripting：
Joomla! Component com_cgtestimonial 2.2 – Multiple Vulnerabilities：
TOPSEC Firewalls – ‘ELIGIBLECANDIDATE’ Remote Code Execution：