## https://sploitus.com/exploit?id=CAADF15A-0DEC-53FC-B1C5-B8EE2D2805A6
# CVE-2023-3460
The Ultimate Member WordPress plugin before 2.6.7 does not prevent visitors from creating user accounts with arbitrary capabilities, effectively allowing attackers to create administrator accounts at will. This script perform an exploit for this vulnerability and scan different targets, looking for this vulnerability.
<h2>Install</h2>
```
git clone https://github.com/diego-tella/CVE-2023-3460/
cd CVE-2023-3460/
python exploit.py
```
<h2>Usage</h2>
```
python exploit.py -t http://target.com/wordpress #basic usage
python exploit.py -c -l list.txt #scan a list of targets
```
<h2>Disclaimer</h2>
This program is for Educational purpose ONLY. Do not use it without permission. The author or any Internet provider bears NO responsibility for content or misuse of this program or any derivatives thereof.