CVE-2023-5360
CRITICAL | EXPLOITED IN THE WILD | NUCLEI
WordPress Royal Elementor Addons RCE
Title source: metasploit
Exploitation Summary
CVE-2023-5360 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io).
EIP tracks 12 public exploits from researchers including 4m3rr0r, phankz and Chocapikk, as well as a Metasploit module, exploits/multi/http/wp_royal_elementor_addons_rce.
A Nuclei detection template is also available.
AI-analyzed exploit summary
This exploit demonstrates an unauthenticated arbitrary file upload vulnerability in WordPress Plugin Royal Elementor Addons <= 1.3.78, leading to Remote Code Execution (RCE). It retrieves a nonce from the target site and uploads a malicious PHP shell.
Description
The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP files, and achieve RCE.
Exploits (12)
This exploit demonstrates an unauthenticated arbitrary file upload vulnerability in WordPress Plugin Royal Elementor Addons <= 1.3.78, leading to Remote Code Execution (RCE). It retrieves a nonce from the target site and uploads a malicious PHP shell.
This repository contains a Python-based exploit for CVE-2023-5360, targeting a shell upload vulnerability in WordPress Royal Elementor Addons version 1.3.78. The exploit uses obfuscation techniques and requires Python 3.11+ with pycryptodome.
This repository contains a functional exploit for CVE-2023-5360, an unauthenticated file upload vulnerability in the WordPress Royal Elementor Addons and Templates plugin. The exploit uploads a malicious PHP file to achieve remote code execution.
This PoC exploits CVE-2023-5360, a file upload vulnerability in the Royal Elementor Addons WordPress plugin, allowing arbitrary PHP file uploads via a crafted request to admin-ajax.php. It includes a PHP shell upload form and logs vulnerable/exploited targets.
This repository contains a Python-based exploit for CVE-2023-5360, which appears to target a file upload vulnerability. The exploit includes a PHP shell upload script designed to execute arbitrary commands and display system information.
This exploit PoC targets a shell upload vulnerability in WordPress Royal Elementor Addons plugin version 1.3.78 (CVE-2023-5360). The exploit.py file contains obfuscated Python code that likely automates the upload of a malicious shell.
This is a functional exploit for CVE-2023-5360, an unauthenticated file upload vulnerability in the Royal Elementor Addons and Templates WordPress plugin before 1.3.79. It automates the extraction of a nonce, uploads a PHP shell (either a simple webshell or a reverse shell), and optionally starts a listener.
This repository contains a functional exploit for CVE-2023-5360, which appears to be a file upload vulnerability allowing arbitrary file uploads to a web server. The exploit includes a PHP shell upload script and a Python-based exploit script to automate the attack.
This is a fully functional Python-based exploit for CVE-2023-5360, targeting Royal Elementor Addons ≤ 1.3.78. It leverages unauthenticated arbitrary file upload to achieve RCE by bypassing client-side nonce validation and file extension checks.
This repository contains a Python-based exploit for CVE-2023-5360, an unauthenticated arbitrary file upload vulnerability in Royal Elementor Addons and Templates <= 1.3.78. The exploit uploads a malicious PHP file to achieve remote code execution.
This PoC exploits CVE-2023-5360, an arbitrary file upload vulnerability in a WordPress plugin, allowing attackers to upload a malicious PHP shell. The script automates the process of retrieving a nonce, uploading the shell, and verifying its execution.
This Metasploit module exploits an unauthenticated file upload vulnerability in WordPress Royal Elementor Addons plugin versions prior to 1.3.79, allowing remote code execution via a malicious PHP file upload.
Nuclei Templates (1)
http.html:/plugins/royal-elementor-addons/
body=/plugins/royal-elementor-addons/
References (2)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H