nuclei-templates/cves/CVE-2018-6389.yaml

id: CVE-2018-6389

info:
  name: Wordpress Load Script
  author: nadino
  severity: high

requests:
  - method: GET
    path: 
      - "{{BaseURL}}/wp-admin/load-scripts.php?load="
    matchers:
      - type: dsl
        dsl:
        - 'contains(x_powered_by,"Engine")'
        - 'contains(content_type,"javascript")'
adding 2 cves and crxde 2020-05-14 17:54:02 +00:00			`id: CVE-2018-6389`

			`info:`
			`name: Wordpress Load Script`
			`author: nadino`
			`severity: high`

			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/wp-admin/load-scripts.php?load="`
			`matchers:`
			`- type: dsl`
			`dsl:`
			`- 'contains(x_powered_by,"Engine")'`
			`- 'contains(content_type,"javascript")'`