TagsWordpressAnalysis of a WordPress Remote Code Execution AttackThis article shows our analysis of a known attack (presented in February 2019) against WordPress versions 5.0.0 and lower, awarding an intruder with arbitrary code execution on the webserver. The article covers each exploitation step and HTTP request required for a successful attack.Author(s)Razvan IonescuPublished at21 May 2019Updated at19 Jun 2023
Analysis of a WordPress Remote Code Execution AttackThis article shows our analysis of a known attack (presented in February 2019) against WordPress versions 5.0.0 and lower, awarding an intruder with arbitrary code execution on the webserver. The article covers each exploitation step and HTTP request required for a successful attack.Author(s)Razvan IonescuPublished at21 May 2019Updated at19 Jun 2023