The Really Simple Security plugins (Free, Pro, and Pro Multisite) for WordPress, versions 9.0.0 to 9.1.1.1, are affected by an authentication bypass vulnerability.
This issue arises from improper error handling in the check_login_and_get_user function used in two-factor REST API actions.
As a result, unauthenticated attackers can potentially log in as any existing user, including administrators, if the "Two-Factor Authentication" feature is enabled (disabled by default).
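The defect class described above, as an added illustration that is not code from the plugin or from this repository: a hypothetical two-factor REST callback that ignores the error return of check_login_and_get_user, next to a hardened form. The helper's signature (WP_User on success, WP_Error on failure) and the callback names are assumptions.

```php
<?php
// Hypothetical sketch, not the plugin's real code. Assumes the helper
// check_login_and_get_user() returns a WP_User on success and a WP_Error
// when the login/2FA check fails.

// Unchecked-error pattern: a WP_Error is never tested for, so the function
// keeps going into the session-creating code even though verification failed.
function tf_rest_callback_unchecked( WP_REST_Request $request ) {
    $user = check_login_and_get_user( $request ); // assumed helper
    wp_set_auth_cookie( $user->ID );              // reached even on WP_Error
    return new WP_REST_Response( array( 'ok' => true ) );
}

// Hardened pattern: any error, or anything that is not a WP_User, is a hard
// stop before authentication state is touched.
function tf_rest_callback_checked( WP_REST_Request $request ) {
    $user = check_login_and_get_user( $request ); // assumed helper
    if ( is_wp_error( $user ) || ! ( $user instanceof WP_User ) ) {
        return new WP_Error(
            'tf_auth_failed',
            'Authentication failed.',
            array( 'status' => 401 )
        );
    }
    wp_set_auth_cookie( $user->ID );
    return new WP_REST_Response( array( 'ok' => true ) );
}
```

When auditing similar code, every call that can return WP_Error should be followed by an is_wp_error() check before the result is used as a user.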
git clone git@github.com:Trackflaw/CVE-2024-10924-Wordpress-Docker.git
cd CVE-2024-10924-Wordpress-Docker
docker compose up --build