2020-08-12 08:15:51 +00:00
|
|
|
id: wordpress-workflow
|
|
|
|
|
info:
|
2020-11-21 17:57:19 +00:00
|
|
|
name: Wordpress Security Checks
|
|
|
|
|
author: kiblyn11 & zomsop82
|
|
|
|
|
description: A simple workflow that runs all wordpress related nuclei templates on a given target.
|
2020-08-12 15:19:20 +00:00
|
|
|
|
2020-11-21 17:57:19 +00:00
|
|
|
# Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
|
|
|
|
|
# Old workflows still remains valid, and will be working with all nuclei versions.
|
2020-08-12 15:19:20 +00:00
|
|
|
|
2020-11-21 17:57:19 +00:00
|
|
|
workflows:
|
2020-08-12 08:15:51 +00:00
|
|
|
|
2020-11-21 17:57:19 +00:00
|
|
|
- template: technologies/tech-detect.yaml
|
|
|
|
|
matchers:
|
|
|
|
|
- name: wordpress
|
|
|
|
|
subtemplates:
|
2021-01-03 02:23:09 +00:00
|
|
|
- template: cves/2019/CVE-2019-15858.yaml
|
|
|
|
|
- template: cves/2019/CVE-2019-6715.yaml
|
|
|
|
|
- template: cves/2019/CVE-2019-9978.yaml
|
2020-11-21 17:57:19 +00:00
|
|
|
- template: files/wordpress-db-backup.yaml
|
|
|
|
|
- template: files/wordpress-debug-log.yaml
|
|
|
|
|
- template: files/wordpress-directory-listing.yaml
|
|
|
|
|
- template: files/wordpress-emergency-script.yaml
|
|
|
|
|
- template: files/wordpress-installer-log.yaml
|
|
|
|
|
- template: files/wordpress-tmm-db-migrate.yaml
|
|
|
|
|
- template: files/wordpress-user-enumeration.yaml
|
|
|
|
|
- template: security-misconfiguration/wordpress-accessible-wpconfig.yaml
|
|
|
|
|
- template: vulnerabilities/sassy-social-share.yaml
|
|
|
|
|
- template: vulnerabilities/w3c-total-cache-ssrf.yaml
|
|
|
|
|
- template: vulnerabilities/wordpress-social-metrics-tracker.yaml
|
|
|
|
|
- template: vulnerabilities/wordpress-wordfence-xss.yaml
|
2020-12-14 13:34:12 +00:00
|
|
|
- template: vulnerabilities/wordpress-wpcourses-info-disclosure.yaml
|
|
|
|
|
- template: vulnerabilities/easy-wp-smtp-listing.yaml
|
