The PublishPress Capabilities plugin for WordPress before 2.3.1 does not have proper authorization and CSRF checks when updating settings via the init hook, allowing unauthenticated attackers to update arbitrary blog options, such as setting the default role to administrator.
登录后查看神龙缓存的 POC 文件快照
登录查看