Home Original page

JoshuaProvoste - Overview

Pinned Loading

  1. Unauthenticated 0-click RCE exploit for CVE-2023-51409. Abuses an arbitrary file upload flaw in the AI Engine WordPress plugin to upload a PHP webshell and achieve remote command execution without …

    PHP 1

  2. Unauthenticated 0-click RCE exploit for CVE-2024-51793. Exploits an arbitrary file upload vulnerability via admin-ajax.php to upload a PHP payload and achieve remote command execution on vulnerable…

    PHP 1

  3. Unauthenticated 0-click RCE exploit for CVE-2024-51791. Exploits an arbitrary file upload vulnerability in a vulnerable WordPress forms plugin to upload a PHP payload, locate the uploaded file, det…

    PHP 1