Subdomain Takeover Pointing To Wpmudev
Haqtify recently found a Subdomain takeover vulnerability pointing to Wpmudev . Subdomain takeover vulnerabilities take place when a subdomain (subdomain.example.com) is pointing to a 3rd party service (e.g. Shopify, Wpmudev, GitHub pages, Heroku, etc.) that has been removed or expired.
Steps To Reproduce:
1.Create a trial account on Wpmudev.
2.After creating account , goto Domain section.
3.Add vulnerable domain in it.
4.Domain Takeover successfully.
- Remove the affected DNS record.
- Claim the subdomain.
Previous Articles :
- Subdomain Takeover Pointing to Shopify
- Subdomain Takeover Pointing to branch io
- Subdomain Takeover Pointing to Heroku
- Subdomain Takeover Pointing to Surveysparrow