WordPress TDO Mini Forms - File Upload Vulnerability

Today I'll describe one more file upload vulnerability in WordPress. This one is in the TDO Mini Forms plugin, whose inline upload script accepts files and stores them under a predictable path inside wp-content/uploads.
So let's begin.
  • First find candidate sites with the Google dork inurl:"plugins/tdo-mini-forms/tdomf-upload-inline.php?tdomf_form_id=1"
  • Once you have a site that serves that script, upload your file through the form. (The original post shows a screenshot of the upload form here; it is not reproduced.)

  • To reach the uploaded file, change the URL from http://www.example.com/wp-content/plugins/tdo-mini-forms/tdomf-upload-inline.php to http://www.example.com/wp-content/uploads/tdomf/tmp/1/ (the plugin's temporary upload directory; the 1 matches the form ID used in the dork).
  • If the site is vulnerable, that directory has listing enabled and the server shows its contents. (Screenshot of the listing not reproduced.)


  • The entries in the listing are IP addresses: the plugin stores each upload in a subdirectory named after the uploader's IP. Click your own IP address and the file you just uploaded appears. (Screenshot not reproduced.)


  • Boom! That's the whole procedure. A shell can be uploaded the same way by renaming it from shell.php to shell.php;.jpg, which gets past an extension check that only looks at what follows the last dot. Caveat: whether the server then actually executes the file as PHP depends on its handler configuration, so this last step is not guaranteed on every host. From the defender's side, three things combine here: an upload script reachable without logging in, a predictable storage path, and directory listing enabled under wp-content/uploads. Updating or removing the plugin, disabling directory indexes, and denying PHP execution inside the uploads tree each break the chain.
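The following is an added example, not code from the plugin or from the original post. It contrasts the kind of last-extension check that shell.php;.jpg slips past with a hardened validator (single allow-listed extension, no path or separator characters, magic bytes that match the claimed type, and a random name on disk), plus the Apache directives that stop listing and PHP execution in the upload directory. All function names, the extension allow-list and the sample file contents are assumptions made for the example.

```python
import os
import re
import secrets

# Allow-list of extensions the hypothetical upload handler accepts (assumed).
ALLOWED_EXTENSIONS = {"jpg", "jpeg", "png", "gif"}

# Leading bytes that identify each allowed type (constructed table).
MAGIC = {
    "jpg": b"\xff\xd8\xff",
    "jpeg": b"\xff\xd8\xff",
    "png": b"\x89PNG\r\n\x1a\n",
    "gif": b"GIF8",
}

# Characters that must never reach a stored filename: path separators,
# NUL, percent (encoded variants) and the ';' used in "shell.php;.jpg".
_BAD_CHARS = re.compile(r"[\\/\x00;%]")

# Defence that works regardless of filename tricks: no directory index and
# no PHP execution anywhere under the upload tree (Apache 2.4 syntax).
UPLOADS_HTACCESS = """\
Options -Indexes
<FilesMatch "\\.(php|phtml|php[0-9])$">
    Require all denied
</FilesMatch>
"""


def weak_check(filename: str) -> bool:
    """The kind of check the double-extension trick gets past:
    it only looks at whatever follows the last dot."""
    return filename.lower().rsplit(".", 1)[-1] in ALLOWED_EXTENSIONS


def strict_check(filename: str, content: bytes) -> bool:
    """Hardened validation: basename only, no dangerous characters, exactly
    one allow-listed extension, and content whose magic bytes match it."""
    name = os.path.basename(filename)
    if not name or _BAD_CHARS.search(name):
        return False
    parts = name.lower().split(".")
    # Exactly "stem.ext": rejects shell.php.jpg as well as a bare "jpg".
    if len(parts) != 2 or not parts[0] or parts[1] not in ALLOWED_EXTENSIONS:
        return False
    return content.startswith(MAGIC[parts[1]])


def stored_name(filename: str) -> str:
    """Name to write to disk: a random token plus the validated extension,
    so the client-supplied name never appears on the filesystem. Call only
    after strict_check() has accepted the file."""
    ext = filename.lower().rsplit(".", 1)[-1]
    return f"{secrets.token_hex(16)}.{ext}"


if __name__ == "__main__":
    # Constructed sample uploads: a real JPEG header and a PHP payload.
    jpeg = b"\xff\xd8\xff\xe0" + b"\x00" * 12
    php = b"<?php system($_GET['c']); ?>"
    for name, body in [("photo.jpg", jpeg), ("shell.php;.jpg", php),
                       ("shell.php.jpg", php), ("shell.php", php)]:
        print(f"{name:16} weak={weak_check(name)!s:5} "
              f"strict={strict_check(name, body)}")
```

Running the block shows that weak_check accepts all three disguised names, while strict_check rejects every one of them and accepts only the real JPEG; the .htaccess text is what you would drop into wp-content/uploads so that even a file that did get through is neither listed nor executed.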


Note: this is for educational purposes only, and we are not responsible for any harm or illegal activity you carry out.
Ch33R$
