No description, website, or topics provided.
Python
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
exploits
README.md
wp-csrf-poc.py

README.md

WP-CSRF-POC

This project serves to demonstrate a few novel ideas for how to exploit vulnerabilities in Wordpress plugins that allows for delivering a XSS payload through a CSRF vector, and doing so by delivering the minimal viable set of code to the browser. Rather than spraying a target, we can determine the presence of a plugin on a target on demand. This allows for a more sneaky delivery of our payload.