漏洞描述
【漏洞对象】WordPress 【漏洞描述】 黑客可以枚举口令,进入网站后台
wordpress xmlrpc.php-暴力破解
PoC代码
暂无相关漏洞推荐
- POC CVE-2015-8350: WordPress Calls to Action <=2.4.3 - Authenticated Reflected XSS
- POC CVE-2017-18580: WordPress Shortcodes Ultimate <= 5.0.0 - Authenticated Remote Code Execution
- POC CVE-2020-12832: WordPress Simple File List - Path Traversal
- POC CVE-2021-24657: Limit Login Attempts WordPress - Stored Cross-site Scripting
- POC CVE-2021-24681: Duplicate Page WordPress - Stored Cross-Site Scripting
- POC CVE-2021-25082: WordPress Popup Builder < 4.0.7 - Remote Code Execution
- POC CVE-2022-0765: WordPress Loco Translate < 2.6.1 - Cross-Site Scripting
- POC CVE-2022-0873: WordPress Gmedia Photo Gallery Plugin < 1.20.0 - Cross-Site Scripting
- POC CVE-2023-27624: WordPress Redirect After Login <= 0.1.9 - Admin Stored XSS
- POC CVE-2023-6266: WordPress Backup Migration <= 1.3.6 - Path Traversal
- POC CVE-2023-7164: WordPress BackWPup < 4.0.4 - Backup File Disclosure
- POC CVE-2024-35693: WordPress 12 Step Meeting List Plugin <= 3.14.33 - Cross-Site Scripting
- POC CVE-2024-35694: Wordpress WPMobile.App >= 11.42 - Cross-Site Scripting