nuclei-templates/workflows/wordpress-workflow.yaml

id: wordpress-workflow
info:
  name: Wordpress Security Checks
  author: kiblyn11 & zomsop82
  description: A simple workflow that runs all wordpress related nuclei templates on a given target.
  tags: workflow

  # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
  # Old workflows still remains valid, and will be working with all nuclei versions.

workflows:

  - template: technologies/tech-detect.yaml
    matchers:
      - name: wordpress
        subtemplates:
          - template: cves/2019/CVE-2019-15858.yaml
          - template: cves/2019/CVE-2019-6715.yaml
          - template: cves/2019/CVE-2019-9978.yaml
          - template: cves/2020/CVE-2020-25213.yaml
          - template: vulnerabilities/wordpress/easy-wp-smtp-listing.yaml
          - template: vulnerabilities/wordpress/sassy-social-share.yaml
          - template: vulnerabilities/wordpress/w3c-total-cache-ssrf.yaml
          - template: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml
          - template: vulnerabilities/wordpress/wordpress-db-backup.yaml
          - template: vulnerabilities/wordpress/wordpress-debug-log.yaml
          - template: vulnerabilities/wordpress/wordpress-directory-listing.yaml
          - template: vulnerabilities/wordpress/wordpress-emails-verification-for-woocommerce.yaml
          - template: vulnerabilities/wordpress/wordpress-emergency-script.yaml
          - template: vulnerabilities/wordpress/wordpress-installer-log.yaml
          - template: vulnerabilities/wordpress/wordpress-social-metrics-tracker.yaml
          - template: vulnerabilities/wordpress/wordpress-tmm-db-migrate.yaml
          - template: vulnerabilities/wordpress/wordpress-user-enumeration.yaml
          - template: vulnerabilities/wordpress/wordpress-wordfence-xss.yaml
          - template: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml
          - template: vulnerabilities/wordpress/wp-enabled-registration.yaml
          - template: vulnerabilities/wordpress/wp-xmlrpc.yaml
add wordpress workflow 2020-08-12 08:15:51 +00:00			`id: wordpress-workflow`
			`info:`
Simpleifed workflow syntax 2020-11-21 17:57:19 +00:00			`name: Wordpress Security Checks`
			`author: kiblyn11 & zomsop82`
			`description: A simple workflow that runs all wordpress related nuclei templates on a given target.`
Adding tags to vulnerabilities and workflows 2021-02-12 05:53:01 +00:00			`tags: workflow`
workflow update 2020-08-12 15:19:20 +00:00
Simpleifed workflow syntax 2020-11-21 17:57:19 +00:00			`# Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)`
			`# Old workflows still remains valid, and will be working with all nuclei versions.`
workflow update 2020-08-12 15:19:20 +00:00
Simpleifed workflow syntax 2020-11-21 17:57:19 +00:00			`workflows:`
add wordpress workflow 2020-08-12 08:15:51 +00:00
Simpleifed workflow syntax 2020-11-21 17:57:19 +00:00			`- template: technologies/tech-detect.yaml`
			`matchers:`
			`- name: wordpress`
			`subtemplates:`
:pencil: Move to year-based CVE subtemplates 2021-01-03 02:23:09 +00:00			`- template: cves/2019/CVE-2019-15858.yaml`
			`- template: cves/2019/CVE-2019-6715.yaml`
			`- template: cves/2019/CVE-2019-9978.yaml`
Adding CVE-2020-25213 to workflow 2021-02-11 19:20:18 +00:00			`- template: cves/2020/CVE-2020-25213.yaml`
workflow crash fix 2021-02-01 08:20:15 +00:00			`- template: vulnerabilities/wordpress/easy-wp-smtp-listing.yaml`
			`- template: vulnerabilities/wordpress/sassy-social-share.yaml`
			`- template: vulnerabilities/wordpress/w3c-total-cache-ssrf.yaml`
			`- template: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml`
			`- template: vulnerabilities/wordpress/wordpress-db-backup.yaml`
			`- template: vulnerabilities/wordpress/wordpress-debug-log.yaml`
			`- template: vulnerabilities/wordpress/wordpress-directory-listing.yaml`
			`- template: vulnerabilities/wordpress/wordpress-emails-verification-for-woocommerce.yaml`
			`- template: vulnerabilities/wordpress/wordpress-emergency-script.yaml`
			`- template: vulnerabilities/wordpress/wordpress-installer-log.yaml`
			`- template: vulnerabilities/wordpress/wordpress-social-metrics-tracker.yaml`
			`- template: vulnerabilities/wordpress/wordpress-tmm-db-migrate.yaml`
			`- template: vulnerabilities/wordpress/wordpress-user-enumeration.yaml`
			`- template: vulnerabilities/wordpress/wordpress-wordfence-xss.yaml`
			`- template: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml`
			`- template: vulnerabilities/wordpress/wp-enabled-registration.yaml`
			`- template: vulnerabilities/wordpress/wp-xmlrpc.yaml`