WRITEUP #66
WPML Multilingual CMS Authenticated Contributor+ Remote Code Execution (RCE) via Twig Server-Side Template Injection (SSTI)
RCESSTISecurity code review
by@stealthcopter(Matthew Rollings)
Bounty
1,639
Program
Wordfence
Published
Aug 21, 2024
Added to HackDex
Aug 22, 2024
Read Full Writeuphttps://sec.stealthcopter.com/wpml-rce-via-twig-ssti/