CVEs-PoC/2020/CVE-2020-8772.md at f3cb71a247f4a97ff14b1bf0dd2e46d4b16bc4e5

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-11 20:52:49 +02:00

Files

T

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

1.0 KiB

Raw Blame History

CVE-2020-8772

Description

The InfiniteWP Client plugin before 1.9.4.5 for WordPress has a missing authorization check in iwp_mmb_set_request in init.php. Any attacker who knows the username of an administrator can log in.

POC

Reference

https://wpvulndb.com/vulnerabilities/10011

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/ARPSyndicate/kenzer-templates
https://github.com/ChoiSG/vwp
https://github.com/Elsfa7-110/kenzer-templates
https://github.com/HycCodeQL/wordpress
https://github.com/Irdinaaaa/pentest
https://github.com/beardcodes/wordpress
https://github.com/d4n-sec/d4n-sec.github.io
https://github.com/ehsandeep/wordpress-application
https://github.com/vavkamil/dvwp

1.0 KiB Raw Blame History

CVE-2020-8772

Description

POC

Reference

Github

1.0 KiB

Raw Blame History