# CVE-2023-3460
The Ultimate Member WordPress plugin before 2.6.7 does not prevent visitors from creating user accounts with arbitrary capabilities, effectively allowing attackers to create administrator accounts at will. This script perform an exploit for this vulnerability and scan different targets, looking for this vulnerability.


git clone
cd CVE-2023-3460/


python -t #basic usage
python -c -l list.txt #scan a list of targets

This program is for Educational purpose ONLY. Do not use it without permission. The author or any Internet provider bears NO responsibility for content or misuse of this program or any derivatives thereof.