CVE-2015-1579

This exploit demonstrates an arbitrary file download vulnerability in multiple WordPress themes by leveraging a path traversal flaw in the 'revslider_show_image' action parameter. The PoC allows unauthorized access to sensitive files like 'wp-config.php'.

This exploit demonstrates an arbitrary file download vulnerability in WordPress Slider Revolution Responsive plugin versions <= 4.1.4. The PoC uses a path traversal technique via the 'img' parameter in the 'revslider_show_image' action to download sensitive files like 'wp-config.php'.

This is a mass exploiter for CVE-2015-1579, targeting WordPress sites with vulnerable RevSlider plugins. It uses Selenium to search Google for potential targets and attempts to download wp-config.php files via the vulnerability.

This is a functional exploit for CVE-2015-1579, targeting WordPress Slider Revolution Responsive <= 4.1.4. It performs an arbitrary file download (AFD) attack to retrieve the wp-config.php file by exploiting a path traversal vulnerability in the admin-ajax.php endpoint.