SSD Advisory – Auth Bypass and RCE in Infinite WP Admin Panel

Uncategorized

Exploit #!/usr/bin/env python3 # coding: utf8 # # exploit code for unauthenticated rce in InfiniteWP Admin Panel v2.15.6 # # tested on: # – InfiniteWP Admin Panel v2.15.6 released on August 10, 2020 # # the bug chain is made of two bugs: # 1. weak password reset token leads to privilege escalation # 2.Read MoreSecurity News