CVE-2019-8943

This Metasploit module exploits a path traversal and local file inclusion vulnerability in WordPress (CVE-2019-8943) to achieve remote code execution by uploading a malicious image file and including it in the theme.

This exploit targets a path traversal vulnerability in WordPress (CVE-2019-8943) to achieve remote code execution by manipulating image metadata and leveraging the image cropping functionality to write a malicious PHP file.

This exploit leverages CVE-2019-8943 (and CVE-2019-8942) to achieve remote code execution on WordPress versions 5.0.0 and below by manipulating image uploads and path traversal to execute arbitrary PHP code.

This is a Python-based exploit for CVE-2019-8943, an authenticated remote code execution vulnerability in WordPress. It leverages image upload and path traversal to drop a PHP backdoor.

This Metasploit module exploits a path traversal and local file inclusion vulnerability in WordPress versions 5.0.0 and <= 4.9.8, allowing authenticated users with author privileges to upload a malicious image file and achieve remote code execution.

This repository contains a functional Python exploit for CVE-2019-8943, which targets WordPress versions 5.0.0 and below. The exploit chains authentication, image upload manipulation, and path traversal to achieve remote code execution (RCE) via a crafted image file.