CVE-2018-25095 The plugin does not properly escape values when its installer script replaces values in WordPress configuration files. If this installer script is left on the site after use, it could be use to run arbitrary code on the server.
For more exploits and exclusive ones contact me on telegram @KtN1990.
To run this exploit you need to have python 3 and websites list then execute
python3 exploit.py -l list.txt -t 100
- Provides an easy and efficient way to assess and exploit Wordpress security holes for mass purposes.
- 140+ Exploits, all types (RCE, LOOTS, AUTHBYPASS...).
- Customizable config.
- Monthly Free updates including more code opitmization, fixing bugs, adding more exploits plus 0days.
- Strong code base and custom threading and process model using a tasks management feature, getting reliable results is assured; no need to talk about speed since at KTN we use unconventional methods for concurrency.
- Telegram Channel
