VULHUB ™

<p>WordPress插件 , Responsive Thumbnail Slider Plugin 1.0,任意文件上传。</p><p>这个漏洞非常严重，涉及到很多WordPress主题。</p><p>这个任意文件上传漏洞，不需要与管理员发生互动，而且不需要有管理员的权限，甚至不需要普通用户的账号密码，就能完成这个攻击。</p> For Exploiting This Vulnerability : </br>Go To Add Image Section And Upload File By Self Plugin Uploader </br>Then Upload File With Double Extension Image </br> And By Using A BurpSuite Or Tamper Data Change The File Name From Shell.php.jpg To Shell.php </br>And Shell Is Uploaded . :)

<p>WordPress插件 , Responsive Thumbnail Slider Plugin 1.0,任意文件上传。</p><p>这个漏洞非常严重，涉及到很多WordPress主题。</p><p>这个任意文件上传漏洞，不需要与管理员发生互动，而且不需要有管理员的权限，甚至不需要普通用户的账号密码，就能完成这个攻击。</p> For Exploiting This Vulnerability : </br>Go To Add Image Section And Upload File By Self Plugin Uploader </br>Then Upload File With Double Extension Image </br> And By Using A BurpSuite Or Tamper Data Change The File Name From Shell.php.jpg To Shell.php </br>And Shell Is Uploaded . :)