nuclei-templates/vulnerabilities/wordpress/eatery-restaurant-open-redi...

id: eatery-restaurant-open-redirect

info:
  name: WordPress Attitude Themes 1.1.1 Open Redirection
  author: 0x_Akoko
  severity: low
  description: The WordPress Attitude Themes allows remote attackers to redirect users to an attacker controlled URL.
  reference: https://cxsecurity.com/issue/WLB-2020030183
  tags: wordpress,wp-theme,redirect

requests:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/themes/eatery/nav.php?-Menu-=https://example.com/"

    matchers:
      - type: regex
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
        part: header
Update and rename eatery-restaurant-wp-theme-open-redirect.yaml to vulnerabilities/wordpress/eatery-restaurant-open-redirect.yaml 2021-09-17 09:40:30 +00:00			`id: eatery-restaurant-open-redirect`
Create eatery-restaurant-wp-theme-open-redirect.yaml 2021-09-17 09:06:58 +00:00
			`info:`
			`name: WordPress Attitude Themes 1.1.1 Open Redirection`
			`author: 0x_Akoko`
			`severity: low`
Description 2021-10-25 09:53:22 +00:00			`description: The WordPress Attitude Themes allows remote attackers to redirect users to an attacker controlled URL.`
Update and rename eatery-restaurant-wp-theme-open-redirect.yaml to vulnerabilities/wordpress/eatery-restaurant-open-redirect.yaml 2021-09-17 09:40:30 +00:00			`reference: https://cxsecurity.com/issue/WLB-2020030183`
			`tags: wordpress,wp-theme,redirect`
Create eatery-restaurant-wp-theme-open-redirect.yaml 2021-09-17 09:06:58 +00:00
			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/wp-content/themes/eatery/nav.php?-Menu-=https://example.com/"`

			`matchers:`
			`- type: regex`
			`regex:`
			`- '(?m)^(?:Location\s?:\s?)(?:https?://\|//)?(?:[a-zA-Z0-9\-_\.@])example\.com.$'`
			`part: header`