WordPress codepath week seven

Presentation on week7

EXPOIT 1:- Vulnerabilty CVE-2015-3440 WP version: 4.2 Remediation; Update to version: 4.7.5 Steps to exploit

creat some post on the blog and logout .
visit the blog
let go to the post and add a comment, and your coment shloud include xss <svg/onload-alert('XSS')>

1. Then view page source to confirm code was injected

EXPOIT 2:- Vulnerabilty CVE-2018-6389 WP version: 4.2 Remediation; Update to version: 4.9 Steps to exploit

Download py script https://github.com/Quitten/doser.py
run py script on wp python doser.py -t 999 -g 'http://wpdistillery.vm' in brower try to visit WPdistilery.vp page is inaccesable becaouse of DOS attack

EPOit 3:- Vulnerabilty CVE-2017-1001000 WP version: 4.7 Remediation; Update to version: 4.8 Steps to exploit 1.log in to WP as admin 2.Post somthing 3.make sure the permalink setting are post name

Name		Name	Last commit message	Last commit date
Latest commit History 8 Commits
README.md		README.md
Screen Shot WP comment XSS.png		Screen Shot WP comment XSS.png
WP WAITING .gif		WP WAITING .gif
WP WAITING .png		WP WAITING .png
pop up on WP.png		pop up on WP.png

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

Screen Shot WP comment XSS.png

Screen Shot WP comment XSS.png

WP WAITING .gif

WP WAITING .gif

WP WAITING .png

WP WAITING .png

pop up on WP.png

pop up on WP.png

Repository files navigation

WordPress codepath week seven

About

Releases

Packages

YemiBeshe/Codepath-WP1

Folders and files

Latest commit

History

Repository files navigation

WordPress codepath week seven

About

Resources

Stars

Watchers

Forks