Register
Online Vulnerability Scanner Tools
Dork... Discovered: 2021-06-01 Google Search Dork: inurl:"/wpcontent/plugins/123ContactForm
# Dork: inurl:"/wp-content/plugins/123ContactForm" #Author: Rutvik Jaini #references: https://wpscan.com/vulnerability/ce716e4f-60f8-42e3-8891-a38e7948b970 https://blog.sucuri.net/2021/01/critical-vulnerabilities-in-123contactform-for-wordpress-wordpress-plugin.html DescriptionThe cfp-connect AJAX call uses user input controlled data to perform the signature verification, attackers could craft these values ($message, $signature, $cf_pub_key) to bypass the validation mechanisms and inject their own public_key into the database. POC: # Dork: inurl:"/wp-content/plugins/123ContactForm" #Author: Rutvik Jaini #references: https://wpscan.com/vulnerability/ce716e4f-60f8-42e3-8891-a38e7948b970 https://blog.sucuri.net/2021/01/critical-vulnerabilities-in-123contactform-for-wordpress-wordpress-plugin.html DescriptionThe cfp-connect AJAX call uses user input controlled data to perform the signature verification, attackers could craft these values ($message, $signature, $cf_pub_key) to bypass the validation mechanisms and inject their own public_key into the database. POC:
inurl:"/wpcontent/plugins/123ContactForm Google Dork Source : inurl:"/wpcontent/plugins/123ContactForm
Last added Google Dorks - Google Hacking Database (GHDB)
Easy integrations and simple setup help you start scanning in just some minutes