file_manager(options.url) 除了以上两个py脚本外,还可使用wp-file-manager-exploit.sh脚本验证
# Google Dork: inurl:/wp-content/uploads/wp-file-manager-pro/fm_backup# Sensitive Directories# Date: 18/04/2021# Exploit Author: Aftab Alam
WP File Manager Hack and how to repair / clean your site – Thrive, Web Design Gold Coast May 21, 2021 […] a few of our WordPress sites have been hit by this hack. This was a 0-day security vulnerability that wasn’t known to the developers until it Seravo announced it. We don’...
WordPress Plugin WP-DBManager is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently verify user-supplied input. An attacker can exploit this issue to download the 'wp-config.php' script. This may allow attacker to gain ...
Wordpress Security Scanner, WPKiller Allows you to search for vulnerabilities on the Wordpress site as well as scan Plugins and find Exploit customized versions and Plugins Installation How to install this tool? $ git clone https://github.com/Dark-Grizzly/WPKiller $ cd WPKiller $ chmod +x wp...