nuclei-templates/vulnerabilities/wordpress/wp-config-setup.yaml

23 lines
524 B
YAML
Raw Normal View History

2021-05-28 03:11:58 +00:00
id: wp-config-setup
info:
name: WordPress Setup Configuration
author: princechaddha
severity: high
reference: https://smaranchand.com.np/2020/04/misconfigured-wordpress-takeover-to-remote-code-execution/
tags: wordpress
requests:
- method: GET
path:
- "{{BaseURL}}/wp-admin/setup-config.php?step=1"
matchers-condition: and
matchers:
- type: word
words:
- "Below you should enter your database connection details."
- type: status
status:
- 200