daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

minor update

patch-1
Dhiyaneshwaran 2024-02-13 10:44:17 +05:30 committed by GitHub
parent 8f18aa96f4
commit 4253299ce1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 29 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
http/cves/2021/CVE-2021-24849.yaml
View File

@ -10,10 +10,25 @@ info:
reference:
- https://wpscan.com/vulnerability/763c08a0-4b2b-4487-b91c-be6cc2b9322e/
- https://nvd.nist.gov/vuln/detail/CVE-2021-24849
- https://wordpress.org/plugins/wc-multivendor-marketplace/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2021-24849
cwe-id: CWE-89
epss-score: 0.00199
epss-percentile: 0.56492
cpe: cpe:2.3:a:wclovers:frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible:*:*:*:*:*:wordpress:*:*
metadata:
max-request: 1
verified: true
tags: cve,cve2021,wp,wp-plugin,wordpress,wcfm,sqli
max-request: 1
vendor: wclovers
product: frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible
framework: wordpress
publicwww-query: "/wp-content/plugins/wc-multivendor-marketplace"
tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,wc-multivendor-marketplace,wpscan,sqli
flow: http(1) && http(2)
http:
- raw:
@ -21,6 +36,15 @@ http:
GET /wp-content/plugins/wc-multivendor-marketplace/readme.txt HTTP/1.1
Host: {{Hostname}}
matchers:
- type: dsl
dsl:
- status_code == 200
- contains(body, "WCFM Marketplace - Best Multivendor Marketplace for WooCommerce")
condition: and
internal: true
- raw:
- |
@timeout: 20s
POST /wp-admin/admin-ajax.php HTTP/1.1
@ -38,7 +62,8 @@ http:
matchers:
- type: dsl
dsl:
- 'duration_2>=5'
- 'duration>=5'
- 'status_code == 200'
- 'contains(body_1, "WCFM Marketplace - Best Multivendor Marketplace for WooCommerce")'
- 'contains(header, "application/json")'
- 'contains(body, "success")'
condition: and