|
new wordpress website takeover vuln (video + poc )
by zinzeur - Sunday January 14, 2024 at 04:28 PM
|
|
01-14-2024, 04:28 PM
This is a brand new vuln (released about 3 days ago) affecting wordpress websites (any version) with post smtp plugin installed version <=2.8.7 (latest is 2.8.9). It allows complete admin takeover by ressetting password and retrieving sent email from smtp log api . Enjoy !!
ps: The video is mine video : exploit: Enjoy
02-15-2024, 08:53 PM
thank you so much
02-16-2024, 04:41 PM
Nice info. Check it.
02-17-2024, 03:58 AM
thanks for info
02-17-2024, 04:39 AM
wow i love this kind of exploits
02-18-2024, 06:28 PM
thanks for info
02-19-2024, 08:42 PM
wow i love this kind of exploits I will try, master. I hope you are always healthy
02-21-2024, 08:08 PM
thank you very much sir..!
This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Leeching | http://breachddyfwvcp4kzccos5oxtdbssmfbp...an-Appeals if you feel this is incorrect.
02-22-2024, 09:12 AM
Nice info. Check it.
02-22-2024, 09:21 AM
(01-14-2024, 04:28 PM)zinzeur Wrote: This is a brand new vuln (released about 3 days ago) affecting wordpress websites (any version) with post smtp plugin installed version <=2.8.7 (latest is 2.8.9). It allows complete admin takeover by ressetting password and retrieving sent email from smtp log api . Enjoy !! ok thank you brother |
|
« Next Oldest | Next Newest »
|
| Possibly Related Threads… | |||||
| Thread | Author | Replies | Views | Last Post | |
| [POC] Google OAuth "MultiLogin" endpoint 0-day | 106 | 13,201 |
02-10-2026, 03:34 PM Last Post: |
||
| Cool Remote Patching ETW/Amsi PoC | 6 | 2,092 |
02-08-2026, 07:58 AM Last Post: |
||
| CVE-2025-40554 - SolarWinds Web Help Desk Auth Bypass & RCE PoC | 3 | 73 |
02-07-2026, 03:32 PM Last Post: |
||
| POC CVE-2025-24071 | 15 | 805 |
02-07-2026, 08:53 AM Last Post: |
||
| WordPress LFI to RCE - CVE-2025-0366 | 1 | 457 |
02-05-2026, 09:53 AM Last Post: |
||
