{"uuid": "48a6d701-a87a-4817-8faa-b5b4163f8e60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/262", "content": "\ud83d\udea8POC RELEASED\ud83d\udea8PoC for WordPress Auto Admin Account Creation and Reverse Shell CVE-2024-27956. GitHub in X Link.\n\n#DarkWeb #Cybersecurity #Security #Cyberattack #Cybercrime #Privacy #Infosec #Exploit #Wordpress #CVE202427956\n\nDetails:\n\nThis Python script automates the process of creating a new administrator account in a WordPress site and executing a reverse shell on the target server. It utilizes the wp-automatic plugin's CSV injection vulnerability to execute SQL queries on the WordPress database and gain administrative access.\n\nX Link: https://twitter.com/DarkWebInformer/status/1790400822511280334", "creation_timestamp": "2024-05-14T17:21:50.000000Z"}