• Home
  • About
  • @sivaneshashok
  • Search
Menu
Topic 1 Post

Privilege Escalation

Page 1 of 1

WordPress Privilege Escalation from an Editor to Administrator

By Sivanesh Ashok in Vulnerabilities on 21 Sep 2019

This article is about how a WordPress Editor can use unfiltered HTML and some social engineering to gain administrative access to the WordPress site and pwn the server. My first observation was that editors and administrators can add unfiltered HTML and JavaScript using the custom HTML block while creating a…

Page 1 of 1

Topics

Vulnerabilities: 5 Privilege Escalation: 1 Dropbox: 1 CSRF: 1 SSRF: 1 Bug Bounties: 1 CVE-2019-11815: 1 Tools: 1 Hashcatch: 1 WiFi: 1 CVE-2020-2040: 1 WordPress: 1 RCE: 1 Prestashop: 1 CVEs: 1 Source Code Review: 1 CVE-2020-4041: 1
Sivanesh Ashok © 2023
  • Sign up
Published with Ghost • Theme Attila • System theme