diff --git a/modules/exploits/unix/webapp/wp_revslider_upload_execute.rb b/modules/exploits/unix/webapp/wp_revslider_upload_execute.rb index 8d2f8c0021..de36db95df 100644 --- a/modules/exploits/unix/webapp/wp_revslider_upload_execute.rb +++ b/modules/exploits/unix/webapp/wp_revslider_upload_execute.rb @@ -6,6 +6,7 @@ require 'msf/core' class Metasploit3 < Msf::Exploit::Remote + Rank = ExcellentRanking include Msf::HTTP::Wordpress @@ -13,10 +14,10 @@ class Metasploit3 < Msf::Exploit::Remote def initialize(info = {}) super(update_info(info, - 'Name' => 'Wordpress RevSlider File Upload and Execute Vulnerability', + 'Name' => 'WordPress RevSlider File Upload and Execute Vulnerability', 'Description' => %q{ This module exploits an arbitrary PHP code upload in the WordPress ThemePunch - Revolution Slider ( revslider ) plugin, version 3.0.95 and prior. The + Slider Revolution (RevSlider) plugin, versions 3.0.95 and prior. The vulnerability allows for arbitrary file upload and remote code execution. }, 'Author' => @@ -27,16 +28,16 @@ class Metasploit3 < Msf::Exploit::Remote 'License' => MSF_LICENSE, 'References' => [ - ['URL', 'https://whatisgon.wordpress.com/2014/11/30/another-revslider-vulnerability/'], + ['OSVDB', '115118'], ['EDB', '35385'], ['WPVDB', '7954'], - ['OSVDB', '115118'] + ['URL', 'https://whatisgon.wordpress.com/2014/11/30/another-revslider-vulnerability/'] ], 'Privileged' => false, 'Platform' => 'php', 'Arch' => ARCH_PHP, 'Targets' => [['ThemePunch Revolution Slider (revslider) 3.0.95', {}]], - 'DisclosureDate' => 'Nov 26 2015', + 'DisclosureDate' => 'Nov 26 2014', 'DefaultTarget' => 0) ) end @@ -91,6 +92,6 @@ class Metasploit3 < Msf::Exploit::Remote else fail_with(Failure::Unknown, 'ERROR') end - end + end