nuclei-templates/http/vulnerabilities/wordpress/wordpress-total-upkeep-back...

36 lines
1008 B
YAML
Raw Permalink Normal View History

2021-03-10 11:36:11 +00:00
id: wordpress-total-upkeep-backup-download
info:
name: WordPress Total Upkeep Database and Files Backup Download
author: princechaddha
severity: high
2024-01-02 15:45:12 +00:00
description: Exposed sensitive file in WordPress Total Upkeep wordpress plugin feature used.
reference:
- https://www.exploit-db.com/exploits/49252
metadata:
max-request: 1
2023-10-14 11:27:55 +00:00
tags: wordpress,wp-plugin,edb
2021-03-10 11:36:11 +00:00
http:
2021-03-10 11:36:11 +00:00
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/boldgrid-backup/cron/restore-info.json"
matchers-condition: and
matchers:
- type: word
words:
- "application/json"
part: header
- type: word
words:
- '"filepath"'
- '/wp-content/boldgrid_backup_'
condition: and
part: body
- type: status
status:
2023-10-14 11:27:55 +00:00
- 200
# digest: 490a004630440220180242e5a8a31c4f47582a818ced240250801d68abd3cd007f929b6cb6b0597c02202c2884ce226e5d5c363a94a3030affddd85b9e39c0b9f8d97607fb7075f692cd:922c64590222798bb761d5b6d8e72950