logo
episode-header-image
Jan 2024
1h 44m

Episode 55: Popping WordPress Plugins - ...

Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)
About this episode

Episode 55: In this episode of Critical Thinking - Bug Bounty Podcast, Justin is joined by Wordpress Security Researcher Ram Gall to discuss both functionality and vulnerabilities within Wordpress Plugins.

Follow us on twitter

Send us any feedback here:

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on twitter:

------ Ways to Support CTBBPodcast ------

WordFence - Sign up as a researcher! https://ctbb.show/wf

---

Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.

Hop on the CTBB Discord

We also do Discord subs at $25, $10, $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today’s Guest:

Ramuel Gall

UpdraftPlus Vuln

XML-RPC PingBack

Unicode and Character Sets

Reflected XSS

POP Chain

WordpressPluginDirectory

Subscriber+ RCE in Elementor

Subscriber+ SSRF

Unauthed XSS via User-Agent header

Timestamps:

(00:00:00) Introduction

(00:05:55) Add_action & Nonces

(00:26:16) Add_filter & Register_rest_routes

(00:38:39) Page-related code & Shortcodes

(00:50:24) Top Sinks for WP

(01:02:19) Echo & SQLI Sinks

(01:15:07) Nonce Leak and wp_handle_upload

(01:18:16) Page variables & Pop Chains

(01:26:55) WP Escalations & Bug Reports

Up next
Nov 20
Episode 149: DEFCON Debrief: AI Vulns, Unicode Weirdness, and Wild Vulnerability Chains
<p>Episode 149: In this episode of Critical Thinking - Bug Bounty Podcast The DEFCON videos are up, and Justin and Joseph talk through some of their favorites.</p><p>Follow us on <a target="_blank" rel="noopener noreferrer nofollow" href="https://x.com/ctbbpodcast">X</a></p><p>Go ... Show More
1h 2m
Nov 13
Episode 148: MCP Hacking Guide
Episode 148: In this episode of Critical Thinking - Bug Bounty Podcast Justin gives us a crash course on Model Context Protocol.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io ... Show More
32m 26s
Nov 6
Episode 147: Stupid Simple Hacking Workflow Tips
Episode 147: In this episode of Critical Thinking - Bug Bounty Podcast we're talking tips and tricks that help us in hacking that we really should’ve learned sooner.Follow us on twitter at: https://x.com/ctbbpodcastGot any ideas and suggestions? Feel free to send us any feedback ... Show More
58m 48s
Recommended Episodes
Feb 2023
Frontend Feud: CSS Podcast vs @keyframers (JS Party #264)
Una & Adam from The CSS Podcast defend their Frontend Feud title against challengers David & Shaw from the keyframers. Let's get it on! 
51m 10s
Feb 2023
Frontend Feud: CSS Podcast vs @keyframers
Una & Adam from The CSS Podcast defend their Frontend Feud title against challengers David & Shaw from the keyframers. Let’s get it on! Leave us a comment Changelog++ members save 6 minutes on this episode because they made the ads disappear. Join today! Sponsors: Sentry – Sessio ... Show More
51m 10s
Jun 2022
Supper Club × Is No Code going to take our jobs? with Connor Finlayson
In this supper club episode of Syntax, Wes and Scott talk with Connor Finlayson about his experience building and teaching no code projects. Postlight Podcast - Sponsor Postlight is a strategy, design, and engineering firm that builds platforms for some of the biggest organizat ... Show More
1h 1m
Oct 2020
Spooky Web Dev Stories — Part 2
In this episode of Syntax, Scott and Wes are back for another episode of spooky web dev stories — listener-submitted stories about web dev gone wrong. LogRocket - Sponsor LogRocket lets you replay what users do on your site, helping you reproduce bugs and fix issues faster. It’ ... Show More
1h 2m
Sep 2021
Changelog Frontend Feud
In this episode of Syntax, Scott and Wes do a crossover episode with Changelog’s JS Party! Your favorite web dev podcasts join forces for a super collab that’ll knock you frontend off! Amelia joins Chris Coyier and Dave Rupert from ShopTalk Show, while Divya teams up with Wes Bos ... Show More
53m 21s
Feb 2024
730: Own Your Own PaaS
Scott and Wes talk about the benefits of owning your own PaaS (platform as a service), the main alternatives in the space, and ways to make passion projects more financially viable. Show Notes 00:00 Welcome to Syntax! 01:12 Brought to you by Sentry.io. 01:56 What is a PaaS ... Show More
57m 57s
Feb 2024
Episode 108 - Diving into Amazon Q Builder with Clare Liguori
🚀 Dive into the world of AI with Morgan Willis, Principal Cloud Technologist for AWS, as she interviews Clare Liguori, a Senior Principal Software Engineer at AWS and one of the visionaries behind Amazon Q. Discover the secrets behind this groundbreaking Generative AI conversati ... Show More
48m 6s
Feb 2024
Your English Five a Day #16.1
<p><b>E180:</b> 🎙️ Welcome to <b>The English Like a Native Podcast</b> with me, Anna! Tune in to <b>Week 16, Day 1</b> of <b>Your English Five a Day</b>, where we boost your active vocabulary with five new words every weekday.<br/><br/>🌟 Today&apos;s list kicks off with &quot;t ... Show More
13m 35s
Listen to millions of songs and podcasts on Anghami