
Overview PoC of CSRF CVE-2019-9787 WordPress Version 5.1.1


dexXxed/CVE-2019-9787


CVE-2019-9787 CSRF PoC

Overview

PoC of CSRF CVE-2019-9787, WordPress Version 5.1.1.

Do not use this EXCEPT for TEST purposes.

Installation

docker-compose up -d

Attack

  1. Access http://localhost:8080/wp-admin/install.php and install WordPress. You only have to create the WP admin account.

  2. Access http://localhost:8080/?p=1#comments as a visitor, and post a comment like "Hacker Attack http://localhost/".

  3. Click the link posted in step 2.

  4. You will see that the comment "CSRF Attack made Successfully!" has been posted by the user you are currently logged in as.
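
An added example, not part of this repository: a Python check for the result described in the last step. It reads the JSON returned by WordPress's REST comments route (/wp/v2/comments) and reports comments that contain the PoC marker text and are attributed to a registered account. The sample response is constructed, and the function names and the assumption that the lab's REST API is reachable at http://localhost:8080 belong to this example.

```python
import html
import json
import re
import urllib.request

MARKER = "CSRF Attack made Successfully!"  # comment text named in the last step

# Constructed sample of a /wp/v2/comments response (not captured from a real site).
SAMPLE = json.dumps([
    {"id": 3, "post": 1, "author": 1, "author_name": "admin",
     "content": {"rendered": "<p>CSRF Attack made Successfully!</p>\n"}},
    {"id": 2, "post": 1, "author": 0, "author_name": "visitor",
     "content": {"rendered": "<p>Hacker Attack http://localhost/</p>\n"}},
    {"id": 4, "post": 1, "author": 0, "author_name": "visitor",
     "content": {"rendered": "<p>CSRF Attack made Successfully!</p>\n"}},
])


def fetch_comments(base_url="http://localhost:8080"):
    """Read comments from the lab instance (assumes its REST API is reachable)."""
    url = base_url + "/?rest_route=/wp/v2/comments&per_page=100"
    with urllib.request.urlopen(url, timeout=10) as resp:
        return resp.read().decode("utf-8")


def plain_text(rendered):
    """Strip tags and entities from WordPress's rendered comment HTML."""
    return html.unescape(re.sub(r"<[^>]+>", "", rendered)).strip()


def forged_comments(comments_json, marker=MARKER):
    """Return marker comments attributed to a registered account (author != 0)."""
    hits = []
    for c in json.loads(comments_json):
        text = plain_text(c.get("content", {}).get("rendered", ""))
        # author == 0 means an anonymous visitor typed it; that is not the CSRF result.
        if marker in text and c.get("author", 0) != 0:
            hits.append({"id": c["id"], "post": c["post"],
                         "author_id": c["author"],
                         "author_name": c.get("author_name", "")})
    return hits


if __name__ == "__main__":
    # Swap SAMPLE for fetch_comments() to check the running lab.
    for hit in forged_comments(SAMPLE):
        print("lab is affected: comment %(id)s posted as %(author_name)s" % hit)
```

An empty result after running the steps against a patched WordPress build is the expected outcome.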
