Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/mhelwig/wp-webshell-xss

A simple wordpress webshell injector
https://github.com/mhelwig/wp-webshell-xss

Last synced: 25 days ago
JSON representation

A simple wordpress webshell injector

Awesome Lists containing this project

README

        

# wp-webshell-xss
A simple wordpress webshell injector

This is an attack script to insert a simple webshell in a file of the wordpress plugin "Event Register" by making use of the Wordpress Plugin Editor feature.

It can be injected via a persistent XSS in the attendee's list.

Probably also useful with other persistent XSS vulnerabilities, though you would have to adapt the URLs to inject into another file.