CVEs-PoC/2020/CVE-2020-10568.md at 8babdbc0f86ff50487ee8a64da39b2f433a34aa1

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-23 23:14:03 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

The sitepress-multilingual-cms (WPML) plugin before 4.3.7-b.2 for WordPress has CSRF due to a loose comparison. This leads to remote code execution in includes/class-wp-installer.php via a series of requests that leverage unintended comparisons of integers to strings.

POC

Reference

https://medium.com/%40arall/sitepress-multilingual-cms-wplugin-wpml-4-3-7-b-2-9c9486c13577
https://medium.com/@arall/sitepress-multilingual-cms-wplugin-wpml-4-3-7-b-2-9c9486c13577
https://wpvulndb.com/vulnerabilities/10131

Github

https://github.com/20142995/nuclei-templates
https://github.com/ARPSyndicate/cvemon

981 B Raw Blame History

CVE-2020-10568

Description

POC

Reference

Github

981 B

Raw Blame History