.. / CVE-2020-11738

Exploit for WordPress Duplicator 1.3.24 & 1.3.26 - Local File Inclusion (CVE-2020-11738)

Description:

WordPress Duplicator 1.3.24 & 1.3.26 are vulnerable to local file inclusion vulnerabilities that could allow attackers to download arbitrary files, such as the wp-config.php file. According to the vendor, the vulnerability was only in two versions v1.3.24 and v1.3.26, the vulnerability wasn’t present in versions 1.3.22 and before.

Nuclei Template

View the template here CVE-2020-11738.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2020/CVE-2020-11738.yaml

References:

http://packetstormsecurity.com/files/160621/WordPress-Duplicator-1.3.26-Directory-Traversal-File-Read.html
https://nvd.nist.gov/vuln/detail/CVE-2020-11738
https://www.tenable.com/blog/duplicator-wordpress-plugin-vulnerability-exploited-in-the-wild
https://www.wordfence.com/blog/2020/02/active-attack-on-recently-patched-duplicator-plugin-vulnerability-affects-over-1-million-sites/
https://snapcreek.com/duplicator/docs/changelog/?lite

.. / CVE-2020-11738 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for WordPress Duplicator 1.3.24 & 1.3.26 - Local File Inclusion (CVE-2020-11738)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2020-11738