AungRecon tool for finding SQLi, XSS, LFi, OpenRedirect

 This script demonstrates the exploitation of CVE-2024-5084, a vulnerability in the Hash Form plugin for WordPress, which allows unauthenticated arbitrary file upload leading to remote code execution.

Vulnerability Details

• Name: CVE-2024-5084
• Description: Unauthenticated Arbitrary File Upload to Remote Code Execution.
• Affected Plugin: Hash Form – Drag & Drop Form Builder <= 1.1.0
• Source: Wordfence - Vulnerability Details

  GitHub - Chocapikk/CVE-2024-5084: Hash Form – Drag & Drop Form Builder <= 1.1.0 - Unauthenticated Arbitrary File Upload to Remote Code Execution