CVE-2024-11350 [CRITICAL] :

The AdForest theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.1.6. This is due to the plugin not properly validating a user's identity prior to updating their password through the adforest_reset_password() function. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account.

N7W Era Penetration Testing Notes

cheatsheet
exploit

I have gathered these notes from lots of sources on the internet, such as OSCP guides, enumeration guides and books. If you see any content that you wrote and I haven't credited you, please let me know and I will add it.

Visit Website

Listed: Mon Nov 13 2023