Back to directory

WRITEUP #735

Finding A RCE Gadget Chain In WordPress Core

RCEPHP pop chainInsecure deserialization

byMarc Montpas

Program

WordPress

Published

Oct 13, 2023

Added to HackDex

Jan 8, 2024

Read Full Writeuphttps://wpscan.com/blog/finding-a-rce-gadget-chain-in-wordpress-core/

▸ RELATED WRITEUPS

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Getting code execution on Veeam through CVE-2023-27532

RCEInsecure deserialization

WordPress GiveWP POP to RCE (CVE-2024-5932)

RCEPHP pop chain

$4,998 Bounty Awarded and 100,000 WordPress Sites Protected Against Unauthenticated Remote Code Execution Vulnerability Patched in GiveWP WordPress Plugin

RCEPHP pop chain

3 ways to get Remote Code Execution in Kafka UI

RCEInsecure deserialization

Built with ❤️ by Shubham Rawat