WordPress: Easy-Comment-Upload
Hello guys, today I'm going to share an upload vulnerability exploit in WordPress. I'm not going to write a long tutorial today, just give you the important points of the exploit.
Finding Vulnerable Target
Dorks: "inurl:/wp-content/plugins/easy-comment-uploads/upload-form.php"
/wp-content/plugins/easy-comment-uploads/upload-form.php
Index of /wp-content/plugins/easy-comment-uploads
Exploiting Target
Exploit : /wp-content/plugins/easy-comment-uploads/upload-form.php
You can upload .txt files and images to the sites, but only certain sites allow a shell to be uploaded, using Tamper Data.
After you have successfully uploaded your file, it will be at:
/wp-content/uploads/YEAR/MONTH/FILENAME
Example :
www.site.com/wp-content/uploads/2011/05/bcc.txt
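For site owners, the two paths above are what to look for in web server access logs. The following added example (not part of the original post) scans combined-format log lines for POSTs to the plugin's upload form and for successfully served files under /wp-content/uploads/YEAR/MONTH/ whose names fall outside an allow-list. The allow-list, the script-extension set and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Paths taken from the post; everything else below is an assumption of this example.
UPLOAD_FORM = "/wp-content/plugins/easy-comment-uploads/upload-form.php"
UPLOADED = re.compile(r"/wp-content/uploads/\d{4}/\d{2}/([^/]+)$")
ALLOWED_EXT = {"txt", "jpg", "jpeg", "png", "gif"}  # assumed site policy
SCRIPT_EXT = {"php", "php3", "php4", "php5", "phtml", "phar", "cgi", "pl"}
# "combined" log format: ip ident user [time] "METHOD target PROTO" status size ...
LOG_LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def classify_filename(name):
    """Return why an uploaded file name is risky, or None if it looks fine."""
    parts = name.lower().split(".")
    if len(parts) < 2 or parts[-1] not in ALLOWED_EXT:
        return "extension not on allow-list"
    # "x.php.jpg" can still run as PHP on servers with multi-extension handlers
    if any(p in SCRIPT_EXT for p in parts[1:-1]):
        return "script extension before final extension"
    return None

def scan(lines):
    """Return (client_ip, reason, path) for each suspicious request."""
    findings = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        ip, method, target, status = m.groups()
        path = unquote(urlsplit(target).path)  # drop query string, decode %xx
        if method == "POST" and path.endswith(UPLOAD_FORM):
            findings.append((ip, "POST to upload form", path))
            continue
        up = UPLOADED.search(path)
        # Only files the server actually served (200) are reported
        if up and status == "200" and (reason := classify_filename(up.group(1))):
            findings.append((ip, reason, path))
    return findings

SAMPLE_LOG = [  # constructed log lines using documentation IP ranges
    '203.0.113.7 - - [12/May/2011:10:01:02 +0000] "POST /wp-content/plugins/easy-comment-uploads/upload-form.php HTTP/1.1" 200 950',
    '203.0.113.7 - - [12/May/2011:10:01:09 +0000] "GET /wp-content/uploads/2011/05/bcc.txt HTTP/1.1" 200 14',
    '203.0.113.7 - - [12/May/2011:10:02:30 +0000] "GET /wp-content/uploads/2011/05/notes.php HTTP/1.1" 200 5',
    '203.0.113.7 - - [12/May/2011:10:02:41 +0000] "GET /wp-content/uploads/2011/05/pic.php.jpg?x=1 HTTP/1.1" 200 5',
    '198.51.100.23 - - [12/May/2011:10:03:00 +0000] "GET /wp-content/uploads/2011/05/probe.php HTTP/1.1" 404 210',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(*finding, sep=" | ")
```

A hit on the upload form followed by a served script-type file under the uploads directory is the pattern to escalate. Blocking script execution in /wp-content/uploads/ at the web server removes the impact even when an upload gets through.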
That's all. Hope you understand.
Have a problem? Leave a comment below :D