Skip to content

JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2024-51791

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
plugin/2.7.0
plugin/2.7.0
 
 
CVE-2024-51791-1.PNG
CVE-2024-51791-1.PNG
 
 
CVE-2024-51791-2.PNG
CVE-2024-51791-2.PNG
 
 
CVE-2024-51791.py
CVE-2024-51791.py
 
 
README.md
README.md
 
 

Repository files navigation

CVE-2024-51791 / 0-Click RCE Exploit

CVE-2024-51791 CVE-2024-51791

This repository contains a proof-of-concept exploit for CVE-2024-51791, an unauthenticated arbitrary file upload vulnerability in a vulnerable WordPress forms plugin, leading to remote command execution (RCE).

What the script does

The script uploads a PHP payload through a vulnerable form endpoint without authentication. It then enumerates upload directories to locate the payload, detects the target operating system, and provides an interactive remote shell for command execution.

Usage

python CVE-2024-51791.py --target http://target-wordpress-site/form-1/ --form-id 375

After execution, the script uploads the payload, discovers the upload location automatically, detects the OS, and drops into an interactive shell.

Notes

  • No authentication required (pre-auth / 0-click).

About

Unauthenticated 0-click RCE exploit for CVE-2024-51791. Exploits an arbitrary file upload vulnerability in a vulnerable WordPress forms plugin to upload a PHP payload, locate the uploaded file, detect the target OS, and obtain remote command execution via an interactive shell.

Topics

python php wordpress wordpress-plugin hacking bug-bounty cve-2024-51791

Resources

Readme
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages