| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGp_9ZjwNGKOUyQMx_F5W_aCUzd2ddnXmXLPNSVezPgrNvygbw@mail.gmail.com>
Date: Fri, 30 May 2025 13:31:42 +0400
From: Housma mardini <housma@...il.com>
To: fulldisclosure@...lists.org
Subject: [FD] Exploit CVE-2019-9978: Remote Code Execution in Social Warfare
WordPress Plugin (<= 3.5.2)
Hi,
I am submitting an exploit for *CVE-2019-9978*, a remote code execution
vulnerability in the Social Warfare WordPress plugin (version <= 3.5.2).
*Exploit Title*: CVE-2019-9978: Remote Code Execution in Social Warfare
WordPress Plugin (<= 3.5.2)
*Date*: 2025-05-20
*Exploit Author*: Huseyin Mardinli
*Vendor Homepage*: https://warfareplugins.com/
*Software Link*: https://wordpress.org/plugins/social-warfare/
*Version*: <= 3.5.2
*Tested on*: Apache, Ubuntu 20.04
*CVE*: CVE-2019-9978
Please find the attached Python exploit code for this vulnerability.
Best regards,
Huseyin Mardinli
View attachment "exploit (1).py" of type "text/x-python" (2025 bytes)
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists