masterwok/PoC-CVE-2026-1357
GitHub: masterwok/PoC-CVE-2026-1357
一个 WordPress 插件漏洞的 PoC 工具,用于在本地靶场复现并验证 CVE-2026-1357。
Stars: 0 | Forks: 0
# PoC CVE-2026-1357: WPvivid Backup & Migration
[https://nvd.nist.gov/vuln/detail/CVE-2026-1357](https://nvd.nist.gov/vuln/detail/CVE-2026-1357)
## 实验室设置
### 目录结构
Organize your project folder as follows:
```
.
├── docker-compose.yml
├── exploit.py
├── requirements.txt
├── vulnerable-plugin-folder/ # Staging area for the plugin
└── wp-content/ # Persistent WP data (Created by Docker)
```
### 插件获取与提取
Since the vulnerability was patched in later versions, you must manually download and stage version **0.9.123**. Run these commands from your project root:
```
# 下载易受攻击版本
wget https://downloads.wordpress.org/plugin/wpvivid-backuprestore.0.9.123.zip
# 创建暂存目录
mkdir vulnerable-plugin-folder
# 提取并移动文件
unzip wpvivid-backuprestore.0.9.123.zip
mv wpvivid-backuprestore/* vulnerable-plugin-folder/
rm -rf wpvivid-backuprestore wpvivid-backuprestore.0.9.123.zip
```
1. **Start the environment:**
docker-compose up -d
2. **WordPress Setup:** Navigate to `http://localhost:8080` and complete the installation.
3. **Activate & Configure:**
* Login to the dashboard (`/wp-admin`).
* Go to **Plugins** -> **Installed Plugins** -> **Activate** WPvivid Backup.
* Go to the **WPvivid Backup** menu -> **Key** tab -> Click **Generate**.
*(Note: This initializes the migration listener. Without a generated key, the plugin will return a 400 Bad Request error.)*
## 用法
### 安装依赖项
```
pip install -r requirements.txt
```
### 运行利用程序
Execute the script against your lab target:
```
python3 exploit.py localhost:8080 --command "id"
```
### 验证
If successful, the script will output the results of the command (e.g., `uid=33(www-data) gid=33(www-data)`). You can also verify the existence of the shell in your lab:
```
docker exec wpvivid-lab ls /var/www/html/wp-content/uploads/
```
## 免责声明
This tool is for educational purposes and authorized security research only. Unauthorized access to computer systems is illegal.
标签:CVE-2026-1357, Docker, Exploit, PoC, SEO, WordPress, WPvivid, 关键词, 取证, 命令执行, 备份, 安全防御评估, 插件, 文件完整性监控, 文件操作, 暴力破解, 未授权访问, 漏洞, 请求拦截, 迁移, 逆向工具