ET EXPLOIT WP Download From Files Plugin <= 1.48 Arbitrary File Upload Attempt

SID: 2033989Rev: 10 viewsHistory

Sourceet/open

CreatedSeptember 20, 2021

UpdatedApril 6, 2023

Classificationattempted-admin

alert http any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET EXPLOIT WP Download From Files Plugin <= 1.48 Arbitrary File Upload Attempt"; flow:established,to_server; http.method; content:"POST"; nocase; bsize:4; http.uri; content:"/wp-admin/admin-ajax.php"; http.request_body; content:"Content-Disposition|3a 20|form-data|3b 20|name=|22|files[]|22 3b 20|filename=|22|"; content:"<?"; content:"download_from_files_617_fileupload"; fast_pattern; reference:url,cxsecurity.com/issue/WLB-2021090097; classtype:attempted-admin; sid:2033989; rev:1; metadata:created_at 2021_09_20, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2023_04_06, reviewed_at 2023_12_11;)

References

url	cxsecurity.com/issue/WLB-2021090097

Metadata

created at2021_09_20

confidenceHigh

signature severityMajor

tagDescription_Generated_By_Proofpoint_Nexus

updated at2023_04_06

reviewed at2023_12_11

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!