Exploit for Authentication Bypass Using an Alternate Path or Channel in Really-Simple-Plugins Really Simple Security CVE-2024-10924

Name: Exploit for Authentication Bypass Using an Alternate Path or Channel in Really-Simple-Plugins Really Simple Security CVE-2024-10924
Rating: 5 (98 reviews)

2025-02-17 | CVSS 9.8

## https://sploitus.com/exploit?id=CEDAD223-CE61-5753-9519-895634EAAF11
# CVE-2024-10924 Exploit - WordPress Really Simple SSL Plugin 2FA Bypass

## Overview
This repository contains an exploit for **CVE-2024-10924**, a vulnerability in the **Really Simple SSL** plugin for WordPress. It allows an attacker to bypass Two-Factor Authentication (2FA) onboarding and gain unauthorized administrative access to a WordPress site.

## Vulnerability Details
- **CVE**: CVE-2024-10924
- **Affected Component**: `/reallysimplessl/v1/two_fa/skip_onboarding` endpoint
- **Impact**: Authentication Bypass (Admin Access)
- **Requirements**: User ID (e.g., `1` for the default admin) and the vulnerable domain.

## Exploit Requirements
- Python 3.x
- `requests` library

## Installation
```bash
pip install requests
```

## Usage
```bash
python3 exploit.py <domain> <user_id>
```
Example:
```bash
python3 exploit.py example.com 1
```

## Expected Output
The exploit will print the `wordpress_logged_in_*` and `wordpress_*` cookies, which can be manually set in your browser to authenticate as the targeted user.

## Manual Cookie Injection (Firefox Example)
1. Open Developer Tools (`F12` or Right-click > Inspect).
2. Go to the **Storage** tab > **Cookies** > `http://<domain>`
3. Add the cookies retrieved from the exploit:
    - `wordpress_logged_in_*`
    - `wordpress_*`
4. Navigate to `http://<domain>/wp-admin` to access the admin panel.

## License
This exploit is intended for educational and authorized testing purposes only.

## Disclaimer
Use this code responsibly. Unauthorized access to systems is illegal.