CVE-2023-3460

The Ultimate Member WordPress plugin before 2.6.7 does not prevent visitors from creating user accounts with arbitrary capabilities, effectively allowing attackers to create administrator accounts at will. This script perform an exploit for this vulnerability and scan different targets, looking for this vulnerability.

Install

git clone https://github.com/diego-tella/CVE-2023-3460/
cd CVE-2023-3460/
python exploit.py

Usage

python exploit.py -t http://target.com/wordpress #basic usage
python exploit.py -c -l list.txt #scan a list of targets

Disclaimer

This program is for Educational purpose ONLY. Do not use it without permission. The author or any Internet provider bears NO responsibility for content or misuse of this program or any derivatives thereof.

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
README.md		README.md
exploit.py		exploit.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

exploit.py

exploit.py

Repository files navigation

CVE-2023-3460

Install

Usage

Disclaimer

About

Releases

Packages

Languages

diego-tella/CVE-2023-3460

Folders and files

Latest commit

History

README.md

README.md

exploit.py

exploit.py

Repository files navigation

CVE-2023-3460

Install

Usage

Disclaimer

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages