Saturday, February 4, 2017

Wordpress Product Options for WooCommerce Plugin File Upload

Wordpress Product Options for WooCommerce Plugin File Upload



#- Title: Wordpress Product Options for WooCommerce Plugin File Upload
#- Author: M4ni4c
#- Date: 2016-04-11
#- Developer : WPShowCase
#- Link Download : codecanyon. net/item/product-options-for-woocommerce-wp-plugin/7973927
#- Google Dork: inurl:"/plugins/woocommerce-product-options/"
#- Fixed in Version : -
#- Tested on : windows
=======================================================
-- Proof Of Concept --


Vulnerability : site/wp-content/plugins/woocommerce-product-options/includes/image-upload.php

When Vulnerable : U can find uploader

Method 

Prepare : You must change your shell extension to .php;.jpg 
Example : 3xploi7.php -> 3xploi7.php;.jpg

1. Choose your target
2. Give exploit /wp-content/plugins/woocommerce-product-options/includes/image-upload.php in your target
3. U will find the uploader and u can upload your shell

Example : 3xploi7.blogspot.com/wp-content/plugins/woocommerce-product-options/includes/image-upload.php

Need Shell Path ?? Click Here

Available link for download