Exploits Really Simple Security < 9.1.2 authentication bypass (CVE-2024-10924).
Unauthenticated authentication bypass to RCE exploit for CVE-2024-10924. Abuses an authentication and 2FA bypass in the Really Simple Security WordPress plugin to impersonate an admin user, upload a malicious plugin, and achieve remote command execution via an interactive shell.
WARNING: This is a vulnerable application to test the exploit for the Really Simple Security < 9.1.2 authentication bypass (CVE-2024-10924). Run it at your own risk!
A vulnerability Scanner and Exploiter for Wordpress based on CVE 2024-10924
POC for CVE-2024-10924 written in Python
Add a description, image, and links to the cve-2024-10924 topic page so that developers can more easily learn about it.
To associate your repository with the cve-2024-10924 topic, visit your repo's landing page and select "manage topics."