2020-08-12 08:15:51 +00:00
|
|
|
id: wordpress-workflow
|
|
|
|
info:
|
2020-11-21 17:57:19 +00:00
|
|
|
name: Wordpress Security Checks
|
|
|
|
author: kiblyn11 & zomsop82
|
|
|
|
description: A simple workflow that runs all wordpress related nuclei templates on a given target.
|
2021-02-12 05:53:01 +00:00
|
|
|
tags: workflow
|
2020-08-12 15:19:20 +00:00
|
|
|
|
2020-11-21 17:57:19 +00:00
|
|
|
workflows:
|
2020-08-12 08:15:51 +00:00
|
|
|
|
2020-11-21 17:57:19 +00:00
|
|
|
- template: technologies/tech-detect.yaml
|
|
|
|
matchers:
|
|
|
|
- name: wordpress
|
|
|
|
subtemplates:
|
2021-03-24 11:34:11 +00:00
|
|
|
- template: cves/2016/CVE-2016-10033.yaml
|
2021-03-24 08:37:22 +00:00
|
|
|
- template: cves/2017/CVE-2017-1000170.yaml
|
2021-03-12 12:33:22 +00:00
|
|
|
- template: cves/2018/CVE-2018-3810.yaml
|
2021-04-11 10:20:35 +00:00
|
|
|
- template: cves/2018/CVE-2018-7422.yaml
|
2021-02-18 14:04:27 +00:00
|
|
|
- template: cves/2019/CVE-2019-6112.yaml
|
2021-01-03 02:23:09 +00:00
|
|
|
- template: cves/2019/CVE-2019-6715.yaml
|
|
|
|
- template: cves/2019/CVE-2019-9978.yaml
|
2021-02-18 14:04:27 +00:00
|
|
|
- template: cves/2019/CVE-2019-14205.yaml
|
|
|
|
- template: cves/2019/CVE-2019-15858.yaml
|
|
|
|
- template: cves/2019/CVE-2019-19985.yaml
|
|
|
|
- template: cves/2019/CVE-2019-20141.yaml
|
|
|
|
- template: cves/2020/CVE-2020-11738.yaml
|
2021-03-14 14:21:15 +00:00
|
|
|
- template: cves/2020/CVE-2020-24186.yaml
|
2021-02-18 14:04:27 +00:00
|
|
|
- template: cves/2020/CVE-2020-24312.yaml
|
2021-02-11 19:20:18 +00:00
|
|
|
- template: cves/2020/CVE-2020-25213.yaml
|
2021-03-11 20:48:22 +00:00
|
|
|
- template: cves/2020/CVE-2020-13700.yaml
|
2021-03-12 12:33:22 +00:00
|
|
|
- template: cves/2020/CVE-2020-14092.yaml
|
|
|
|
- template: cves/2020/CVE-2020-35951.yaml
|
2021-03-24 19:58:03 +00:00
|
|
|
- template: cves/2020/CVE-2020-35489.yaml
|
2021-03-12 12:33:22 +00:00
|
|
|
- template: vulnerabilities/wordpress/wordpress-auth-bypass-wptimecapsule.yaml
|
|
|
|
- template: vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml
|
|
|
|
- template: vulnerabilities/wordpress/wordpress-total-upkeep-backup-download.yaml
|
2021-02-01 08:20:15 +00:00
|
|
|
- template: vulnerabilities/wordpress/easy-wp-smtp-listing.yaml
|
|
|
|
- template: vulnerabilities/wordpress/sassy-social-share.yaml
|
|
|
|
- template: vulnerabilities/wordpress/w3c-total-cache-ssrf.yaml
|
|
|
|
- template: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml
|
|
|
|
- template: vulnerabilities/wordpress/wordpress-db-backup.yaml
|
|
|
|
- template: vulnerabilities/wordpress/wordpress-debug-log.yaml
|
|
|
|
- template: vulnerabilities/wordpress/wordpress-directory-listing.yaml
|
|
|
|
- template: vulnerabilities/wordpress/wordpress-emails-verification-for-woocommerce.yaml
|
|
|
|
- template: vulnerabilities/wordpress/wordpress-emergency-script.yaml
|
|
|
|
- template: vulnerabilities/wordpress/wordpress-installer-log.yaml
|
|
|
|
- template: vulnerabilities/wordpress/wordpress-social-metrics-tracker.yaml
|
|
|
|
- template: vulnerabilities/wordpress/wordpress-tmm-db-migrate.yaml
|
|
|
|
- template: vulnerabilities/wordpress/wordpress-user-enumeration.yaml
|
|
|
|
- template: vulnerabilities/wordpress/wordpress-wordfence-xss.yaml
|
|
|
|
- template: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml
|
2021-02-17 12:03:03 +00:00
|
|
|
- template: vulnerabilities/wordpress/wordpress-xmlrpc-listmethods.yaml
|
2021-02-18 14:04:27 +00:00
|
|
|
- template: vulnerabilities/wordpress/wp-xmlrpc.yaml
|
2021-02-17 14:47:53 +00:00
|
|
|
- template: vulnerabilities/wordpress/wordpress-zebra-form-xss.yaml
|
2021-02-18 14:04:27 +00:00
|
|
|
- template: vulnerabilities/wordpress/wp-enabled-registration.yaml
|
2021-02-25 18:51:07 +00:00
|
|
|
- template: vulnerabilities/wordpress/wordpress-affiliatewp-log.yaml
|
2021-02-26 05:51:15 +00:00
|
|
|
- template: vulnerabilities/wordpress/wp-uploads-listing.yaml
|
2021-03-18 20:40:02 +00:00
|
|
|
- template: vulnerabilities/wordpress/wp-license-file.yaml
|
2021-03-21 19:49:30 +00:00
|
|
|
- template: vulnerabilities/wordpress/wordpress-infinitewp-auth-bypass.yaml
|