The Insert or Embed Articulate Content into WordPress plugin for WordPress is vulnerable to arbitrary file uploads through insecure file uploads in a zip archive in all versions up to, and including, 4.3000000023. This makes it possible for unauthenticated attackers to upload zip files containing phar files on the affected site's server which may make remote code execution possible.
Important
CVSS: 8.8 (High) [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H]
Software Type: Plugin
Software Slug: insert-or-embed-articulate-content-into-wordpress
Affected Version: <= 4.3000000023
- Clone the exploit
git clone https://github.com/hunThubSpace/CVE-2024-0757-Exploit.git && cd CVE-2024-0757-Exploit- Install requirements
pip install -r requirements.txt- Run exploit
python3 exploit.py- Browse to given url and click on Go to shell page
- You have a shell :)