modules/exploits/multi/http/wp_plugin_modern_events_calendar_rce.rb
Method initialize
has 41 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info = {})
super(
update_info(
info,
'Name' => 'Wordpress Plugin Modern Events Calendar - Authenticated Remote Code Execution',
Method exploit
has 32 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def exploit
cookie = wordpress_login(datastore['USERNAME'], datastore['PASSWORD'])
fail_with(Failure::NoAccess, 'Authentication failed') unless cookie
payload_name = "#{Rex::Text.rand_text_alpha_lower(5)}.php"