nomisec
WORKING POC
116 stars
by AiGptCode · remote
https://github.com/AiGptCode/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956
This repository contains a functional exploit for CVE-2024-27956, targeting the WP Automatic WordPress plugin. The exploit automates the creation of an admin account and executes a reverse shell via SQL injection and file upload.
Classification
Working Poc 95%
Target:
WordPress WP Automatic plugin
No auth needed
Prerequisites:
Target must have WP Automatic plugin installed and vulnerable · Network access to the target WordPress site
nomisec
WORKING POC
89 stars
by diego-tella · remote
https://github.com/diego-tella/CVE-2024-27956-RCE
This PoC exploits CVE-2024-27956, a SQL injection vulnerability in the ValvePress Automatic plugin for WordPress. It creates an admin user via unsanitized input in the 'q' parameter, leading to potential RCE through WordPress admin privileges.
Classification
Working Poc 95%
Target:
ValvePress Automatic plugin for WordPress
No auth needed
Prerequisites:
Target must have the vulnerable ValvePress Automatic plugin installed · Network access to the WordPress site
nomisec
WORKING POC
7 stars
by ThatNotEasy · remote
https://github.com/ThatNotEasy/CVE-2024-27956
This Python script exploits CVE-2024-27956, a SQL injection vulnerability in WordPress leading to RCE by creating an admin user. It uses multi-threading for concurrent exploitation and includes detailed logging.
Classification
Working Poc 95%
Target:
WordPress with wp-automatic plugin
No auth needed
Prerequisites:
Vulnerable WordPress installation with wp-automatic plugin · Network access to the target
nomisec
SCANNER
2 stars
by Cappricio-Securities · infoleak
https://github.com/Cappricio-Securities/CVE-2024-27956
This repository contains a Python-based scanner for detecting CVE-2024-27956, a vulnerability that appears to involve SQL injection via a time-based payload. The tool includes functionality for scanning single or multiple URLs, sending Telegram notifications, and logging results.
Classification
Scanner 90%
Target:
Unknown (scanner targets web applications with specific endpoints)
No auth needed
Prerequisites:
Python 3.x · requests library · Telegram API key for notifications
nomisec
WORKING POC
2 stars
by itzheartzz · remote
https://github.com/itzheartzz/MASS-CVE-2024-27956
This PoC exploits CVE-2024-27956, a SQL injection vulnerability in the ValvePress Automatic WordPress plugin. It creates an administrator user via SQL injection, which can lead to remote code execution.
Classification
Working Poc 95%
Target:
ValvePress Automatic WordPress plugin
No auth needed
Prerequisites:
Target must have the vulnerable ValvePress Automatic plugin installed · Target must be a WordPress site
nomisec
WORKING POC
2 stars
by truonghuuphuc · remote
https://github.com/truonghuuphuc/CVE-2024-27956
This PoC demonstrates a SQL injection vulnerability in the WP Automatic WordPress plugin. The exploit leverages a time-based blind SQLi via the `q` parameter in `csv.php`, bypassing authentication with `auth=%00`.
Classification
Working Poc 90%
Target:
WP Automatic WordPress plugin
No auth needed
Prerequisites:
WordPress with WP Automatic plugin installed and activated
nomisec
WORKING POC
1 star
by devsec23 · remote
https://github.com/devsec23/CVE-2024-27956
This is a functional exploit for CVE-2024-27956, targeting an unauthenticated SQL injection vulnerability in the WP Automatic WordPress plugin. It automates the creation of an admin user by injecting SQL queries to manipulate the WordPress database.
Classification
Working Poc 95%
Target:
WP Automatic plugin for WordPress (versions < 3.9.2.0)
No auth needed
Prerequisites:
Target must be running a vulnerable version of the WP Automatic plugin · Network access to the target WordPress site
nomisec
SUSPICIOUS
1 star
by FoxyProxys · poc
https://github.com/FoxyProxys/CVE-2024-27956
The repository contains heavily obfuscated Python code with no clear exploit logic or meaningful comments. The structure suggests potential deception or a placeholder rather than a functional PoC for CVE-2024-27956.
Classification
Suspicious 70%
Target:
Unknown (FoxyProxy implied but unconfirmed)
No auth needed
Prerequisites:
None identifiable due to obfuscation
nomisec
WORKING POC
by 0axz-tools · infoleak
https://github.com/0axz-tools/CVE-2024-27956
This PoC exploits CVE-2024-27956, a SQL injection vulnerability in the WP Automatic WordPress plugin. It tests for vulnerability and, if successful, creates an admin user by injecting SQL queries.
Classification
Working Poc 95%
Target:
WP Automatic WordPress plugin (version not specified)
No auth needed
Prerequisites:
Target must have WP Automatic plugin installed · Target must be accessible via HTTP/HTTPS
nomisec
WORKING POC
by m4nInTh3mIdDle · remote
https://github.com/m4nInTh3mIdDle/wordpress-CVE-2024-27956
This PoC exploits CVE-2024-27956 in the WordPress WP Automatic plugin by injecting SQL queries to create an admin user, then uploading a reverse shell via the plugin editor. It demonstrates a full chain from SQL injection to remote code execution.
Classification
Working Poc 95%
Target:
WordPress WP Automatic plugin
No auth needed
Prerequisites:
WordPress with WP Automatic plugin installed · Network access to the target
nomisec
SCANNER
by 7aRanchi · infoleak
https://github.com/7aRanchi/CVE-2024-27956-for-fscan
This repository provides a YAML-based PoC rule for fscan to detect and exploit CVE-2024-27956, a WordPress Automatic SQL injection vulnerability. It includes instructions for integrating the rule into fscan and notes that exploitation may create a new user if the vulnerability exists.
Classification
Scanner 90%
Target:
WordPress Automatic (version not specified)
No auth needed
Prerequisites:
fscan tool · access to target WordPress instance
nomisec
WORKING POC
by CERTologists · remote
https://github.com/CERTologists/EXPLOITING-CVE-2024-27956
This Python script exploits CVE-2024-27956, a WordPress SQL injection vulnerability in the WP Automatic plugin, leading to RCE by creating an admin user. It automates the exploitation process with multi-threading support.
Classification
Working Poc 95%
Target:
WordPress with WP Automatic plugin
No auth needed
Prerequisites:
Target URL list · WP Automatic plugin installed
nomisec
WORKING POC
by cve-2024 · remote
https://github.com/cve-2024/CVE-2024-27956-RCE
This PoC exploits CVE-2024-27956, a SQL injection vulnerability in the ValvePress Automatic WordPress plugin, to create an administrator user and grant it privileges, potentially leading to RCE. The exploit sends crafted SQL queries via the 'q' parameter to manipulate the WordPress database.
Classification
Working Poc 95%
Target:
ValvePress Automatic WordPress plugin
No auth needed
Prerequisites:
Target must have the vulnerable ValvePress Automatic plugin installed · Target must be a WordPress site
nomisec
WORKING POC
by hitazuranahiro · poc
https://github.com/hitazuranahiro/Valve-Press-CVE-2024-27956-RCE
This exploit leverages SQL injection in Valve Press (CVE-2024-27956) to create an admin user in WordPress. It sends crafted POST requests to `/wp-content/plugins/wp-automatic/inc/csv.php` to insert a new user and grant administrator privileges.
Classification
Working Poc 95%
Target:
Valve Press (WordPress plugin)
No auth needed
Prerequisites:
Target must have the vulnerable Valve Press plugin installed
nomisec
WORKING POC
by W3BW · remote
https://github.com/W3BW/CVE-2024-27956-RCE-File-Package
This repository contains a functional exploit for CVE-2024-27956, which targets a SQL injection vulnerability in the WP Automatic WordPress plugin. The exploit creates an admin user by injecting SQL queries into the plugin's CSV import functionality.
Classification
Working Poc 95%
Target:
WP Automatic WordPress plugin
No auth needed
Prerequisites:
Target must have the vulnerable WP Automatic plugin installed · Plugin endpoint must be accessible
nomisec
STUB
by k3ppf0r · poc
https://github.com/k3ppf0r/CVE-2024-27956
The repository contains only a README.md file with the CVE identifier and no functional exploit code or technical details. It appears to be a placeholder or stub.
Target:
unknown
No auth needed
nomisec
WORKING POC
by X-Projetion · remote
https://github.com/X-Projetion/CVE-2024-27956-WORDPRESS-RCE-PLUGIN
This exploit targets CVE-2024-27956 in the WordPress plugin 'wp-automatic' by injecting SQL queries to create an administrator user. It leverages a vulnerability in the CSV import functionality to execute arbitrary SQL commands.
Classification
Working Poc 95%
Target:
WordPress plugin wp-automatic
No auth needed
Prerequisites:
Target must have the vulnerable 'wp-automatic' plugin installed · CSV import functionality must be accessible
vulncheck_xdb
WORKING POC
remote
https://github.com/TadashiJei/Valve-Press-CVE-2024-27956-RCE
This repository contains a functional exploit for CVE-2024-27956, which targets a SQL injection vulnerability in the Valve Press plugin for WordPress. The exploit creates an admin user by injecting SQL queries into the vulnerable endpoint.
Classification
Working Poc 95%
Target:
Valve Press WordPress plugin
No auth needed
Prerequisites:
WordPress site with Valve Press plugin installed · Access to the vulnerable endpoint
metasploit
WORKING POC
EXCELLENT
by Rafie Muhammad, Valentin Lobstein · ruby · poc · php
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/wp_automatic_sqli_to_rce.rb
This Metasploit module exploits an unauthenticated SQL injection vulnerability in the WordPress wp-automatic plugin (versions < 3.92.1) to create an admin account and achieve remote code execution (RCE) via plugin upload.
Classification
Working Poc 100%
Target:
WordPress wp-automatic plugin < 3.92.1
No auth needed
Prerequisites:
WordPress site with vulnerable wp-automatic plugin installed