automatic module_metadata_base.json update

msjenkins-r7 · msjenkins-r7 · commit ddaa21d8c3fc · 2024-06-05T03:42:42.000-05:00
diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json
@@ -113181,6 +113181,69 @@
     "session_types": false,
     "needs_cleanup": true
   },
+  "exploit_multi/http/wp_hash_form_rce": {
+    "name": "WordPress Hash Form Plugin RCE",
+    "fullname": "exploit/multi/http/wp_hash_form_rce",
+    "aliases": [
+
+    ],
+    "rank": 600,
+    "disclosure_date": "2024-05-23",
+    "type": "exploit",
+    "author": [
+      "Francesco Carlucci",
+      "Valentin Lobstein"
+    ],
+    "description": "The Hash Form – Drag & Drop Form Builder plugin for WordPress suffers from a critical vulnerability\n          due to missing file type validation in the file_upload_action function. This vulnerability exists\n          in all versions up to and including 1.1.0. Unauthenticated attackers can exploit this flaw to upload arbitrary\n          files, including PHP scripts, to the server, potentially allowing for remote code execution on the affected\n          WordPress site. This module targets multiple platforms by adapting payload delivery and execution based on the\n          server environment.",
+    "references": [
+      "CVE-2024-5084",
+      "URL-https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/hash-form/hash-form-drag-drop-form-builder-110-unauthenticated-arbitrary-file-upload-to-remote-code-execution"
+    ],
+    "platform": "Linux,PHP,Unix,Windows",
+    "arch": "php, cmd",
+    "rport": 80,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": [
+      "PHP In-Memory",
+      "Unix/Linux Command Shell",
+      "Windows Command Shell"
+    ],
+    "mod_time": "2024-06-05 10:14:48 +0000",
+    "path": "/modules/exploits/multi/http/wp_hash_form_rce.rb",
+    "is_install_path": true,
+    "ref_name": "multi/http/wp_hash_form_rce",
+    "check": true,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+        "repeatable-session"
+      ],
+      "SideEffects": [
+        "ioc-in-logs",
+        "artifacts-on-disk"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": null
+  },
   "exploit_multi/http/wp_ninja_forms_unauthenticated_file_upload": {
     "name": "WordPress Ninja Forms Unauthenticated File Upload",
     "fullname": "exploit/multi/http/wp_ninja_forms_unauthenticated_file_upload",
