Administrator Account Takeover


Mr Horbio

In this article we learn how a WordPress website leaks admin PII, which can lead to account takeover.

Hi hackers, welcome back to my new article. Today I explain a vulnerability that can lead to admin account takeover or a PII leak.

The target is a WordPress website. Follow these steps to find this kind of vulnerability.

Open your target, e.g. https://example.com/ (this is my target website). Use the wpscan tool to find directories, or go directly to the path /wp-json/wp/v1/users/1. It leaks PII because of CORS: the response carries the header Access-Control-Allow-Credentials: true.

A cross-origin resource sharing (CORS) policy controls whether and how content running on other domains can perform two-way interaction with the domain that publishes the policy. The policy is fine-grained and can apply access controls per request, based on the URL and other features of the request. If the site specifies the header Access-Control-Allow-Credentials: true, third-party sites may be able to carry out privileged actions and retrieve sensitive information. This bug could be used to steal users' information or force a user to execute unwanted actions.
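The policy check described above, written out as an added example (not code from the original article): it applies the browser's rule for credentialed cross-origin reads to a set of response headers, flags the weak configuration, and shows an allowlist-based fix. The function names, origins and header sets are constructed for illustration.

```javascript
'use strict';

// HTTP header names are case-insensitive, so normalise them first.
function lowerKeys(headers) {
  const out = {};
  for (const [k, v] of Object.entries(headers)) out[k.toLowerCase()] = String(v).trim();
  return out;
}

// Browser rule for a credentialed (cookie-bearing) cross-origin request: the
// response is readable only if Allow-Origin equals the page's origin exactly
// ("*" is not accepted) and Allow-Credentials is the literal string "true".
function credentialedReadAllowed(origin, headers) {
  const h = lowerKeys(headers);
  return h['access-control-allow-origin'] === origin &&
         h['access-control-allow-credentials'] === 'true';
}

// Audit the headers a site returned when sent an origin it should not trust.
function auditCors(probeOrigin, headers) {
  const h = lowerKeys(headers);
  const findings = [];
  if (credentialedReadAllowed(probeOrigin, h)) {
    findings.push('untrusted origin can read authenticated responses');
    if (!/\borigin\b/i.test(h['vary'] || '')) findings.push('reflected origin without Vary: Origin');
  }
  if (h['access-control-allow-origin'] === '*' && h['access-control-allow-credentials'] === 'true') {
    findings.push('wildcard with credentials: browsers refuse it, but the policy is misconfigured');
  }
  return findings;
}

// Server-side fix: emit credentialed CORS headers only for allowlisted origins.
function corsHeadersFor(origin, allowlist) {
  if (!allowlist.has(origin)) return {}; // no CORS headers: the browser blocks the read
  return {
    'Access-Control-Allow-Origin': origin,
    'Access-Control-Allow-Credentials': 'true',
    'Vary': 'Origin',
  };
}

// Constructed sample data (not taken from any real site).
const UNTRUSTED = 'https://untrusted.example';
const ALLOWLIST = new Set(['https://app.example.com']);
const reflecting = { // weak: echoes whatever Origin it was sent
  'Access-Control-Allow-Origin': UNTRUSTED,
  'Access-Control-Allow-Credentials': 'true',
};
console.log(auditCors(UNTRUSTED, reflecting));
console.log(auditCors(UNTRUSTED, corsHeadersFor(UNTRUSTED, ALLOWLIST)));
```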

POC:

Step 1: Navigate to the hostname or directory at https://www.mtn.com/wp-json/wp/v2/users/9
