module
WordPress WP GDPR Compliance Plugin Privilege Escalation
| Disclosed | Created |
|---|---|
| 11/08/2018 | 03/19/2019 |
Disclosed
11/08/2018
Created
03/19/2019
Description
The Wordpress GDPR Compliance plugin wordpress administration options by overwriting values within the database.
The vulnerability is present in WordPress’s admin-ajax.php, which allows unauthorized
users to trigger handlers and make configuration changes because of a failure to do
capability checks when executing the 'save_setting' internal action.
WARNING: The module sets Wordpress configuration options without reading their current
values and restoring them later.
The vulnerability is present in WordPress’s admin-ajax.php, which allows unauthorized
users to trigger handlers and make configuration changes because of a failure to do
capability checks when executing the 'save_setting' internal action.
WARNING: The module sets Wordpress configuration options without reading their current
values and restoring them later.
Authors
Mikey Veenstra (WordFence)Thomas Labadie
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
msf > use auxiliary/admin/http/wp_gdpr_compliance_privesc
msf /(c) > show actions
...actions...
msf /(c) > set ACTION < action-name >
msf /(c) > show options
...show and set options...
msf /(c) > run
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.