Update modules/exploits/multi/http/wp_time_capsule_file_upload_rce.rb

Co-authored-by: Julien Voisin <[email protected]>
rapid7 · Dec 12, 2024 · 9c8db05 · 9c8db05
1 parent 7b918b2
commit 9c8db05
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/modules/exploits/multi/http/wp_time_capsule_file_upload_rce.rb b/modules/exploits/multi/http/wp_time_capsule_file_upload_rce.rb
@@ -24,7 +24,7 @@ def initialize(info = {})
           code execution (RCE).
 
           The validation logic in the vulnerable function improperly checks for allowed extensions.
-          If no valid extension is found, the check can be bypassed by using a filename of specific lengths
+          If no valid extension is found, the check can be bypassed by using a filename of specific length
           (e.g., "00.php") matching the length of allowed extensions like ".crypt".
         },
         'Author' => [