CVE-2021-42362

This exploit leverages an authenticated RCE vulnerability in WordPress Popular Posts plugin <= 5.3.2 by uploading a malicious GIF file disguised as a PHP shell via custom fields. It requires contributor-level access and the GD PHP extension to be enabled.

This PoC exploits an arbitrary file upload vulnerability in the WordPress Popular Posts plugin (CVE-2021-42362) by uploading a malicious GIF file containing PHP code to achieve remote code execution. It authenticates as a contributor-level user, configures plugin settings to enable thumbnail generation, and uploads the payload via a third-party file hosting service.

This PoC exploits a case-insensitive file extension bypass in the SP Project & Document Manager WordPress plugin (CVE-2021-42362) to upload a malicious PHP file disguised as an image. It then leverages the WordPress Popular Posts plugin to execute the uploaded shell via thumbnail generation.

This Metasploit module exploits an authenticated RCE vulnerability in WordPress Popular Posts plugin <= 5.3.2 by leveraging improper input validation to upload a malicious PHP payload disguised as a GIF image. The exploit chain involves reconfiguring plugin settings, creating a post, and triggering payload execution via the widget.