.. / CVE-2022-2633

Exploit for All-In-One Video Gallery <=2.6.0 - Server-Side Request Forgery (CVE-2022-2633)

Description:

WordPress All-in-One Video Gallery plugin through 2.6.0 is susceptible to arbitrary file download and server-side request forgery (SSRF) via the ‘dl’ parameter found in the ~/public/video.php file. An attacker can download sensitive files hosted on the affected server and forge requests to the server.

Nuclei Template

View the template here CVE-2022-2633.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2022/CVE-2022-2633.yaml

References:

https://blog.amanrawat.in/2022/09/28/CVE-2022-2633.html
https://nvd.nist.gov/vuln/detail/CVE-2022-2633
https://plugins.trac.wordpress.org/browser/all-in-one-video-gallery/trunk/public/video.php#L227
https://wordpress.org/plugins/all-in-one-video-gallery/
https://wpscan.com/vulnerability/852c257c-929a-4e4e-b85e-064f8dadd994

.. / CVE-2022-2633 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for All-In-One Video Gallery <=2.6.0 - Server-Side Request Forgery (CVE-2022-2633)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2022-2633