CVE-2014-9013

Published: 06/11/2019 Updated: 08/11/2019
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 660
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

The ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin 2.4.0 for WordPress allows remote authenticated users to create arbitrary users and gain admin privileges via a request to wpmp_pp_ajax_call with an execution target of wp_insert_user.

Vulnerable Product

wpmarketplace project wpmarketplace 2.4.0

Exploits

WordPress Marketplace version 2.4.0 suffers from an arbitrary file download vulnerability ...
# Exploit Title: WP Marketplace 2.4.0 Arbitrary File Download
# Date: 26-10-2014
# Software Link: wordpress.org/plugins/wpmarketplace/
# Exploit Author: Kacper Szurek
# Contact: twitter.com/KacperSzurek
# Website: security.szurek.pl/
# Category: webapps
# CVE: CVE-2014-9013 and CVE-2014-9014
1. Description
Anyone can run use ...
#!/usr/bin/python
#
# Exploit Name: WP Marketplace 2.4.0 Remote Command Execution
#
# Vulnerability discovered by Kacper Szurek (security.szurek.pl)
#
# Exploit written by Claudio Viviani
#
# --------------------------------------------------------------------
#
# The vulnerable function is located on "wpmarketplace/libs/cart.php" file: ...