daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/vulnerabilities/wordpress/wp-full-path-disclosure.yaml

22 lines
570 B
YAML
Raw Normal View History

misc changes
2021-05-27 21:13:04 +00:00
id: wp-full-path-disclosure
add wordpress full path disclosure
2021-05-27 13:27:16 +00:00
info:
Dashboard Content Enhancements (#4381) Dashboard Content Enhancements
2022-05-13 20:26:43 +00:00
name: Wordpress - Path Disclosure
add wordpress full path disclosure
2021-05-27 13:27:16 +00:00
author: arcc
severity: info
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes
2022-04-22 10:38:41 +00:00
reference:
- https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/#why-are-there-path-disclosures-when-directly-loading-certain-files
Dashboard Content Enhancements (#4381) Dashboard Content Enhancements
2022-05-13 20:26:43 +00:00
- https://core.trac.wordpress.org/ticket/38317
misc changes
2021-05-27 21:13:04 +00:00
tags: debug,wordpress,fpd
add wordpress full path disclosure
2021-05-27 13:27:16 +00:00
requests:
- method: GET
path:
- "{{BaseURL}}/wp-includes/rss-functions.php"
matchers:
- type: word
words:
misc changes
2021-05-27 21:13:04 +00:00
- 'Call to undefined function _deprecated_file()'
add wordpress full path disclosure
2021-05-27 13:27:16 +00:00
part: body