03-21-2025, 03:49 AM
thanks for info
|
new wordpress website takeover vuln (video + poc )
by zinzeur - Sunday January 14, 2024 at 04:28 PM
|
|
03-24-2025, 05:10 PM
(01-14-2024, 04:28 PM)zinzeur Wrote: This is a brand new vuln (released about 3 days ago) affecting wordpress websites (any version) with post smtp plugin installed version <=2.8.7 (latest is 2.8.9). It allows complete admin takeover by ressetting password and retrieving sent email from smtp log api . Enjoy !! nice info bro thanks u so much
03-24-2025, 05:30 PM
thanks for the info mate!
This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Document sales are not permitted
03-24-2025, 05:35 PM
Great job thank you
03-24-2025, 10:30 PM
Nice! Thanks for sharing!
03-25-2025, 08:36 AM
Hope this is a surprise
This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Leeching | http://breachddyfwvcp4kzccos5oxtdbssmfbp...an-Appeals if you feel this is incorrect.
03-29-2025, 11:44 AM
(01-14-2024, 04:28 PM)zinzeur Wrote: This is a brand new vuln (released about 3 days ago) affecting wordpress websites (any version) with post smtp plugin installed version <=2.8.7 (latest is 2.8.9). It allows complete admin takeover by ressetting password and retrieving sent email from smtp log api . Enjoy !! thank you for this friend
This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Leeching | http://breachddyfwvcp4kzccos5oxtdbssmfbp...an-Appeals if you feel this is incorrect. (01-14-2024, 04:28 PM)zinzeur Wrote: This is a brand new vuln (released about 3 days ago) affecting wordpress websites (any version) with post smtp plugin installed version <=2.8.7 (latest is 2.8.9). It allows complete admin takeover by ressetting password and retrieving sent email from smtp log api . Enjoy !! I remember when my wordpress got pwned recently. My friend showed me how to do it, but it went by so quick. Hopefully this helps me to understand it (01-14-2024, 04:28 PM)zinzeur Wrote: This is a brand new vuln (released about 3 days ago) affecting wordpress websites (any version) with post smtp plugin installed version <=2.8.7 (latest is 2.8.9). It allows complete admin takeover by ressetting password and retrieving sent email from smtp log api . Enjoy !! I remember when my wordpress got pwned recently. My friend showed me how to do it, but it went by so quick. Hopefully this helps me to understand it
04-02-2025, 05:44 PM
(01-14-2024, 04:28 PM)zinzeur Wrote: This is a brand new vuln (released about 3 days ago) affecting wordpress websites (any version) with post smtp plugin installed version <=2.8.7 (latest is 2.8.9). It allows complete admin takeover by ressetting password and retrieving sent email from smtp log api . Enjoy !! thanks for sharing
04-02-2025, 09:55 PM
thanks for info
|
|
« Next Oldest | Next Newest »
|
| Possibly Related Threads… | |||||
| Thread | Author | Replies | Views | Last Post | |
| [POC] Google OAuth "MultiLogin" endpoint 0-day | 106 | 13,201 |
02-10-2026, 03:34 PM Last Post: |
||
| Cool Remote Patching ETW/Amsi PoC | 6 | 2,092 |
02-08-2026, 07:58 AM Last Post: |
||
| CVE-2025-40554 - SolarWinds Web Help Desk Auth Bypass & RCE PoC | 3 | 73 |
02-07-2026, 03:32 PM Last Post: |
||
| POC CVE-2025-24071 | 15 | 805 |
02-07-2026, 08:53 AM Last Post: |
||
| WordPress LFI to RCE - CVE-2025-0366 | 1 | 457 |
02-05-2026, 09:53 AM Last Post: |
||