Exploit CVE-2019-9978: Remote Code Execution in Social Warfare WordPress Plugin (<= 3.5.2)
Huseyin Mardinli提交了针对CVE-2019-9978漏洞的远程代码执行利用代码,影响Social Warfare WordPress插件版本<=3.5.2。该漏洞允许攻击者在目标服务器上执行任意代码。测试环境为Apache和Ubuntu 20.04,并附带了Python exploit代码。 2025-6-3 12:59:29 Author: seclists.org(查看原文) 阅读量:20 收藏
Huseyin Mardinli提交了针对CVE-2019-9978漏洞的远程代码执行利用代码,影响Social Warfare WordPress插件版本<=3.5.2。该漏洞允许攻击者在目标服务器上执行任意代码。测试环境为Apache和Ubuntu 20.04,并附带了Python exploit代码。 2025-6-3 12:59:29 Author: seclists.org(查看原文) 阅读量:20 收藏
Full Disclosure mailing list archives
From: Housma mardini <housma () gmail com>
Date: Fri, 30 May 2025 13:31:42 +0400
Hi, I am submitting an exploit for *CVE-2019-9978*, a remote code execution vulnerability in the Social Warfare WordPress plugin (version <= 3.5.2). *Exploit Title*: CVE-2019-9978: Remote Code Execution in Social Warfare WordPress Plugin (<= 3.5.2) *Date*: 2025-05-20 *Exploit Author*: Huseyin Mardinli *Vendor Homepage*: https://warfareplugins.com/ *Software Link*: https://wordpress.org/plugins/social-warfare/ *Version*: <= 3.5.2 *Tested on*: Apache, Ubuntu 20.04 *CVE*: CVE-2019-9978 Please find the attached Python exploit code for this vulnerability. Best regards, Huseyin Mardinli
Attachment:
exploit (1).py
Description:
_______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Current thread:
- Exploit CVE-2019-9978: Remote Code Execution in Social Warfare WordPress Plugin (<= 3.5.2) Housma mardini (Jun 03)
文章来源: https://seclists.org/fulldisclosure/2025/Jun/1
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh