Subdomain Takeover Pointing To Wpmudev

Reported to Private
Reported by Haqtify
Low (2.2)
$200
Published 3 years ago
2 Likes

URL:

https://crm.privatesite.com

Description:

Haqtify recently found a Subdomain takeover vulnerability pointing to Wpmudev . Subdomain takeover vulnerabilities take place when a subdomain (subdomain.example.com) is pointing to a 3rd party service (e.g. Shopify, Wpmudev, GitHub pages, Heroku, etc.) that has been removed or expired.

Steps To Reproduce:

1.Create a trial account on Wpmudev.

Register

2.After creating account , goto Domain section.

3.Add vulnerable domain in it.

4.Domain Takeover successfully.

Mitigation:

Remove the affected DNS record.
Claim the subdomain.

Subdomain Takeover Pointing to Shopify
Subdomain Takeover Pointing to branch io
Subdomain Takeover Pointing to Heroku
Subdomain Takeover Pointing to Surveysparrow

Subdomain Takeover Pointing To Wpmudev

URL:

Description:

Steps To Reproduce:

Mitigation:

Previous Articles :

Get your security assessed today