CVE-2023-3460
Ultimate Member < 2.6.7 - Unauthenticated Privilege Escalation
The Ultimate Member WordPress plugin before 2.6.7 does not prevent visitors from creating user accounts with arbitrary capabilities, effectively allowing attackers to create administrator accounts at will. This is actively being exploited in the wild.
Produtos afetados
Unknown · Ultimate MemberPoCs públicas encontradas — 11
githubgithub.com/gbrsh/CVE-2023-3460★ 35githubgithub.com/diego-tella/CVE-2023-3460★ 7githubgithub.com/Rajneeshkarya/CVE-2023-3460★ 1githubgithub.com/GURJOTEXPERT/CVE-2023-3460★ 1githubgithub.com/DiMarcoSK/CVE-2023-3460_POC★ 0githubgithub.com/TranKuBao/CVE-2023-3460_FIX★ 0githubgithub.com/rizqimaulanaa/CVE-2023-3460★ 0githubgithub.com/yon3zu/Mass-CVE-2023-3460★ 0githubgithub.com/EmadYaY/CVE-2023-3460★ 0exploitdbwww.exploit-db.com/exploits/52393não verificadocve_referencewpscan.com/vulnerability/694235c7-4469-4ffd-a722-9225b19e98d7não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →