CVE-2021-25003

Title: WPCargo < 6.9.0 - Unauthenticated RCE
Author: Krzysztof Zając [ https://kazet.cc/ ]
CVE: CVE-2021-25003

Installation

git clone https://github.com/biulove0x/CVE-2021-25003.git
cd CVE-2021-25003/
python3 -m pip install -r requirements.txt

How to run autoexploit

$ python3 WpCargo.py --help
############################################
# @author : biulove0x                      #
# @name   : WP Plugins WPCargo Exploiter   #
# @cve    : CVE-2021-25003                 #
############################################

usage: exploit.py [-h] [-t example.com] [-l target.txt]

CVE-2021-25003 [ WPCargo < 6.9.0 - Unauthenticated RCE ]

optional arguments:
  -h, --help      show this help message and exit
  -t example.com  Single target
  -l target.txt   Multiple target

Single target

$ python3 WPCargo.py -t http://example.com/

Multiple target

$ cat domains.txt
http://example.com/
https://examples.com/

$ python3 WPCargo.py -l target.txt

References :

https://wpscan.com/vulnerability/5c21ad35-b2fb-4a51-858f-8ffff685de4a

Donate :

BTC : bc1qst09sxcnq97a4wgsqvpkg4fxyjczvs3xe7278h

BNB : bnb1jhp2hv9utr8u97387p35fmftgr8wpjp39altz0

Name		Name	Last commit message	Last commit date
Latest commit History 10 Commits
README.md		README.md
WpCargo.py		WpCargo.py
requirements.txt		requirements.txt

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

CVE-2021-25003

Installation

How to run autoexploit

Single target

Multiple target

References :

Donate :

About

Releases

Packages

Languages

biulove0x/CVE-2021-25003

Folders and files

Latest commit

History

Repository files navigation

CVE-2021-25003

Installation

How to run autoexploit

Single target

Multiple target

References :

Donate :

About

Topics

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages