From d750ea19eb2287e4a6d626a2038a103624c6d47b Mon Sep 17 00:00:00 2001
From: cgranleese-r7 <Christopher_Granleese@rapid7.com>
Date: Thu, 21 Mar 2024 12:21:15 +0000
Subject: [PATCH] Fixes `store_valid_credential` conditional logic for
 `unix/webapp/wp_admin_shell_upload` module

---
 modules/exploits/unix/webapp/wp_admin_shell_upload.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/exploits/unix/webapp/wp_admin_shell_upload.rb b/modules/exploits/unix/webapp/wp_admin_shell_upload.rb
index ee800e3ceb..6bf475daf8 100644
--- a/modules/exploits/unix/webapp/wp_admin_shell_upload.rb
+++ b/modules/exploits/unix/webapp/wp_admin_shell_upload.rb
@@ -42,10 +42,10 @@ class MetasploitModule < Msf::Exploit::Remote
   def check
     cookie = wordpress_login(username, password)
     if cookie.nil?
-      store_valid_credential(user: username, private: password, proof: cookie)
       return CheckCode::Safe
     end
 
+    store_valid_credential(user: username, private: password, proof: cookie)
     CheckCode::Appears
   end