Exploit for the unauthenticated file upload vulnerability in Royal Elementor Addons and Templates < 1.3.79.
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to an unauthenticated file upload vulnerability. This exploit leverages this vulnerability to upload malicious payloads to vulnerable WordPress installations.
Vulnerable versions: < 1.3.79
CVE-ID: CVE-2023-5360
WPVDB ID: 281518ff‑7816‑4007‑b712‑63aed7828b34
CVSSv3.1: 10.0
-
Clone the repository:
git clone https://github.com/Chocapikk/CVE-2023-5360.git
-
Navigate to the repository's directory:
cd CVE-2023-5360 -
Install the required dependencies:
pip install -r requirements.txt
- Use the following command to exploit a single URL:
Or use the following command to exploit a list of URLs:
python3.10 exploit.py -u <TARGET_URL> -v
python3.10 exploit.py -l <URL_LIST_FILE> -v
Optional arguments:
-f, --file : Use a custom PHP file to upload
-o, --output: Save vulnerable URLs to an output file
-t, --threads: Specify the number of threads to use (default is 200)
-T, --timeout: Specify the request timeout in seconds (default is 10)
🚫 Usage of this exploit without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state, and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.
Ensure your WordPress installations are fully updated to safeguard against this vulnerability. Particularly, update the Royal Elementor Addons and Templates plugin to version 1.3.79 or later.
Kudos to all researchers and developers working hard to protect the web!