Skip to content
/ Wordpress-LFI-Site-Editor-1.1.1-Bash-Script- Public

This script is used for taking advantage of a Local File Inclusion in the Wordpress site editor plugin version 1.1.1, it's made in bash

License

CC0-1.0 license
1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sergiovks/Wordpress-LFI-Site-Editor-1.1.1-Bash-Script-

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
lfi_wordpress_site_editor.sh
lfi_wordpress_site_editor.sh
 
 

Repository files navigation

Wordpress LFI Site Editor 1.1.1 Bash Script

This script is used for taking advantage of a Local File Inclusion in the Wordpress site editor plugin version 1.1.1, it's made in bash.

The usage is simple you just have to change the IP in the curl command of the script for the DNS address or the IP address you want to take advantage to, and you need to change or delete the WORDPRESSDIRECTORY in the curl command of the script for the WordPress home directory or delete it if the Wordpress is in the main page of the web server.

To detect if a Wordpress site got this vulnerability you can launch a wpscan to the URL of the Wordpress site or search in the source code for that plugin.

About

This script is used for taking advantage of a Local File Inclusion in the Wordpress site editor plugin version 1.1.1, it's made in bash

Topics

wordpress wordpress-plugin lfi lfi-exploit

Resources

Readme

License

CC0-1.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages