CVE-2024-5084

This repository contains a functional exploit for CVE-2024-5084, an unauthenticated arbitrary file upload vulnerability in the Hash Form WordPress plugin (versions <= 1.1.0). The exploit uploads a PHP shell and provides an interactive command execution interface.

This repository contains a functional proof-of-concept exploit for CVE-2024-5084, an unauthenticated file upload vulnerability in the Hash Form WordPress plugin (≤ 1.1.0) leading to remote code execution. The exploit uploads a malicious PHP file and provides an interactive shell for command execution.

This is a functional exploit for CVE-2024-5084, targeting an arbitrary file upload vulnerability in the Hash Form WordPress plugin. It uploads a PHP reverse shell and triggers it to achieve remote code execution.

This PoC exploits an arbitrary file upload vulnerability in WordPress (CVE-2024-5084) by bypassing file extension restrictions to upload a malicious PHP file, enabling remote command execution via a web shell. The exploit automates nonce retrieval, file upload, and interactive command execution.

This PoC exploits an arbitrary file upload vulnerability in the Hash Form WordPress plugin (CVE-2024-5084) by bypassing file extension restrictions to upload a PHP file. It checks for the vulnerable plugin version, retrieves a nonce, and uploads a PHP file to achieve remote code execution.

This is a functional exploit for CVE-2024-5084, targeting an unauthenticated arbitrary file upload vulnerability in the WordPress Hash Form plugin (versions <= 1.1.0). It uploads a PHP shell to achieve remote code execution.

This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in the WordPress Hash Form plugin (CVE-2024-5084), allowing remote code execution by uploading a malicious PHP file. It retrieves a nonce, uploads the payload, and triggers execution.