Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-4428 PoC — what3words Autosuggest Plugin Setting class-w3w-autosuggest-public.php enqueue_scripts information disclosure

Source
https://github.com/CERT-hr/Log4Shell
Associated Vulnerability
Title:what3words Autosuggest Plugin Setting class-w3w-autosuggest-public.php enqueue_scripts information disclosure (CVE-2021-4428)
Description:A vulnerability has been found in what3words Autosuggest Plugin up to 4.0.0 on WordPress and classified as problematic. Affected by this vulnerability is the function enqueue_scripts of the file w3w-autosuggest/public/class-w3w-autosuggest-public.php of the component Setting Handler. The manipulation leads to information disclosure. The attack can be launched remotely. Upgrading to version 4.0.1 is able to address this issue. The patch is named dd59cbac5f86057d6a73b87007c08b8bfa0c32ac. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-234247.
Description
This repo contains IoCs which are associated with exploitation of CVE-2021-4428.
Readme
# Log4Shell
This repo contains IoCs which are associated with exploitation of CVE-2021-4428.
File Snapshot

 [4.0K]  /data/pocs/b50e3e9da93ea4f83965c910112fa5f700341b8a
└── [  93]  README.md

0 directories, 1 file
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →