CVE-2024-58349
CRITICAL
WordPress Theme Travelscape 1.0.3 Arbitrary File Upload
Title source: cna
Exploitation Summary
EIP tracks 1 public exploit for CVE-2024-58349. PoCs published by Milad karimi.
AI-analyzed exploit summary: This script checks for the presence of known webshells and vulnerable files in WordPress installations, specifically targeting the Travelscape theme and other common vulnerable paths. It does not exploit the vulnerability but scans for indicators of compromise.
Description
WordPress Theme Travelscape 1.0.3 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting insufficient validation in the theme's upload functionality. Attackers can upload arbitrary files to the theme directory and execute them to achieve remote code execution on the affected WordPress installation.
References (2)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H