mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-26 01:07:59 +02:00
0xMarcio
1.2 KiB
1.2 KiB
CVE-2022-0165
&color=brightgreen)
Description
The Page Builder KingComposer WordPress plugin through 2.9.6 does not validate the id parameter before redirecting the user to it via the kc_get_thumbn AJAX action available to both unauthenticated and authenticated users
POC
Reference
Github
- https://github.com/20142995/nuclei-templates
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/Cappricio-Securities/CVE-2022-0165
- https://github.com/K3ysTr0K3R/CVE-2022-0165-EXPLOIT
- https://github.com/K3ysTr0K3R/K3ysTr0K3R
- https://github.com/nomi-sec/PoC-in-GitHub