CVE-2021-21389 PoC — BuddyPress privilege escalation via REST API

Source

https://github.com/mynameSumin/CVE-2021-21389

Associated Vulnerability

Title:BuddyPress privilege escalation via REST API (CVE-2021-21389)
Description:BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in BuddyPress 7.2.1. Existing installations of the plugin should be updated to this version to mitigate the issue.

Description

경희대 졸업프로젝트

Readme

## 사용법
1. docker를 build하여 취약한 wordpress, buddypress 환경을 구성한다.  
2. mariaDB container를 build하고 실행한다.  
3. 두 개의 컨테이너를 같은 네트워크에서 실행되도록 만든다.  
   ex) docker network create wordpress_network  
  docker network connect wordpress_network wordpress_app  
  docker network connect wordpress_network wordpress_db
4. 다음 명령어를 통해 payload를 실행한다.  
   python3 CVE-2021-21389.py http://localhost:8080 test 1234 whoami

File Snapshot


 [4.0K]  /data/pocs/99a72c11cea67c6e1352eac88b9f5157583c1088
├── [4.7K]  CVE-2021-21389.py
├── [1.5K]  Dockerfile
├── [ 523]  README.md
└── [4.0K]  src
    ├── [7.1K]  apache2.conf
    ├── [  94]  start.sh
    ├── [719K]  wordpress.sql
    └── [3.3K]  wp-config.php

1 directory, 7 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!