CVE-2023-6294: popup-builder <= 4.2.6 Admin+ SSRF & File Read
In this blog post I'll describe the details of CVE-2023-6294, a local file inclusion in WordPress' popup-builder plugin.
In this blog post I'll describe the details of CVE-2023-6295, a local file inclusion in WordPress' so-widgets-bundle plugin.
I was browsing wpvulndb.com when I stumbled upon the InfiniteWP Client authentication bypass. Being curious, I wanted to reverse engineer the unpublished PoC. Here's my (short) journey.
I recently came across the following Apache vulnerability [https://httpd.apache.org/security/vulnerabilities_24.html]: "mod_rewrite potential open redirect (CVE-2019-10098)", but I couldn't find
A couple of days ago WordPress released 5.2.4 with a few security patches. Props to J.D. Grimes who found and disclosed a method of viewing unauthenticated posts. caught