22 lines
No EOL
894 B
Text
22 lines
No EOL
894 B
Text
# Exploit Title: WordPress Plugin TablePress 1.14 - CSV Injection
|
|
# Date: 07/09/2021
|
|
# Exploit Author: Nikhil Kapoor
|
|
# Vendor Homepage:
|
|
# Software Link: https://wordpress.org/plugins/tablepress/
|
|
# Version: 1.14
|
|
# Category: Web Application
|
|
# Tested on Windows
|
|
|
|
How to Reproduce this Vulnerability:
|
|
|
|
1. Install WordPress 5.8.0
|
|
2. Install and activate TablePress
|
|
3. Navigate to TablePress >> Add New >> Enter Table Name and Description (If You want this is Optional) >> Select Number of Rows and Columns
|
|
4. Click on Add Table
|
|
5. Now in Table Content Input Field Enter CSV Injection Payload
|
|
6. Click on Save Changes
|
|
6. Now go to All Table in TablePress select our entered table >> Click on Export >> Select CSV as an Export Format.
|
|
7. Click on Download Export File
|
|
8. Open the exported CSV file you will see that CSV Injection got Successfully Executed.
|
|
|
|
Payload Used :- @SUM(1+9)*cmd|' /C calc'!A0 |