CVE-2011-4899
WordPress < 3.3.1 - Static Code Injection and Cross-Site Scripting via Database Configuration
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2011-4899. PoCs published by Trustwave's SpiderLabs.
AI-analyzed exploit summary
This exploit demonstrates multiple vulnerabilities in WordPress 3.3.1 and prior, including PHP code execution, persistent XSS, and MySQL credential disclosure via the 'setup-config.php' installation page. It leverages a malicious MySQL instance to bypass authentication and inject malicious code.
Description
wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensure that the specified MySQL database service is appropriate, which allows remote attackers to configure an arbitrary database via the dbhost and dbname parameters, and subsequently conduct static code injection and cross-site scripting (XSS) attacks via (1) an HTTP request or (2) a MySQL query. NOTE: the vendor disputes the significance of this issue; however, remote code execution makes the issue important in many realistic environments.