metasploit-framework
Add WordPress wp-automatic SQLi to RCE module (CVE-2024-27956)
Hello Metasploit Team,
This PR adds a new exploit module for the SQL injection vulnerability in the WordPress wp-automatic plugin, affecting versions prior to 3.92.1 (CVE-2024-27956). The vulnerability allows unauthenticated attackers to inject SQL commands, enabling them to create a malicious administrator account. Using the newly created admin account, the attacker can upload a plugin and achieve remote code execution (RCE).
Verification steps:
- Set up a vulnerable WordPress instance with the wp-automatic plugin version < 3.92.1.
- Use the provided Metasploit module to create an administrator account and exploit the site.
- Verify the execution of the uploaded plugin and subsequent RCE.
Let me know if you have any feedback or suggestions for improvements.