generic improvements

patch-1
sandeep 2021-07-24 00:06:13 +05:30
parent 97aa239d52
commit 43dccef185
16 changed files with 29 additions and 17 deletions

View File

@ -6,10 +6,12 @@ info:
description: Searches for sensitive directories present in the wordpress-plugins plugin. description: Searches for sensitive directories present in the wordpress-plugins plugin.
reference: https://www.exploit-db.com/ghdb/6455 reference: https://www.exploit-db.com/ghdb/6455
tags: wordpress,listing,wp-plugin tags: wordpress,listing,wp-plugin
requests: requests:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/wp-content/plugins/easy-media-gallery-pro/" - "{{BaseURL}}/wp-content/plugins/easy-media-gallery-pro/"
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: word - type: word

View File

@ -3,7 +3,7 @@ id: wordpress-bbpress-plugin-listing
info: info:
name: WordPress bbPress Plugin Directory Listing name: WordPress bbPress Plugin Directory Listing
author: dhiyaneshDK author: dhiyaneshDK
severity: low severity: info
description: Searches for sensitive directories present in the bbpress wordpress plugin. description: Searches for sensitive directories present in the bbpress wordpress plugin.
reference: https://www.exploit-db.com/ghdb/6158 reference: https://www.exploit-db.com/ghdb/6158
tags: wordpress,listing tags: wordpress,listing
@ -12,6 +12,7 @@ requests:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/wp-content/plugins/bbpress/" - "{{BaseURL}}/wp-content/plugins/bbpress/"
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: word - type: word

View File

@ -10,6 +10,7 @@ requests:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/wp-content/debug.log" - "{{BaseURL}}/wp-content/debug.log"
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: word - type: word
@ -18,10 +19,12 @@ requests:
- text/plain - text/plain
part: header part: header
condition: or condition: or
- type: regex - type: regex
regex: regex:
- "[[0-9]{2}-[a-zA-Z]{3}-[0-9]{4} [0-9]{2}:[0-9]{2}:[0-9]{2} [A-Z]{3}] PHP" - "[[0-9]{2}-[a-zA-Z]{3}-[0-9]{4} [0-9]{2}:[0-9]{2}:[0-9]{2} [A-Z]{3}] PHP"
part: body part: body
- type: status - type: status
status: status:
- 200 - 200

View File

@ -13,11 +13,13 @@ requests:
- "{{BaseURL}}/wp-content/themes/" - "{{BaseURL}}/wp-content/themes/"
- "{{BaseURL}}/wp-content/plugins/" - "{{BaseURL}}/wp-content/plugins/"
- "{{BaseURL}}/wp-includes/" - "{{BaseURL}}/wp-includes/"
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: status - type: status
status: status:
- 200 - 200
- type: word - type: word
words: words:
- Index of / - "Index of /"

View File

@ -3,7 +3,7 @@ id: wordpress-elementor-plugin-listing
info: info:
name: WordPress Elementor Plugin Directory Listing name: WordPress Elementor Plugin Directory Listing
author: dhiyaneshDK author: dhiyaneshDK
severity: low severity: info
description: Searches for sensitive directories present in the elementor wordpress plugin. description: Searches for sensitive directories present in the elementor wordpress plugin.
reference: https://www.exploit-db.com/ghdb/6297 reference: https://www.exploit-db.com/ghdb/6297
tags: wordpress,listing tags: wordpress,listing
@ -12,6 +12,7 @@ requests:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/wp-content/plugins/elementor/" - "{{BaseURL}}/wp-content/plugins/elementor/"
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: word - type: word

View File

@ -3,7 +3,7 @@ id: wordpress-gtranslate-plugin-listing
info: info:
name: WordPress gtranslate Plugin Directory Listing name: WordPress gtranslate Plugin Directory Listing
author: dhiyaneshDK author: dhiyaneshDK
severity: low severity: info
description: Searches for sensitive directories present in the gtranslate wordpress plugin. description: Searches for sensitive directories present in the gtranslate wordpress plugin.
reference: https://www.exploit-db.com/ghdb/6160 reference: https://www.exploit-db.com/ghdb/6160
tags: wordpress,listing tags: wordpress,listing
@ -12,6 +12,7 @@ requests:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/wp-content/plugins/gtranslate/" - "{{BaseURL}}/wp-content/plugins/gtranslate/"
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: word - type: word

View File

@ -3,7 +3,7 @@ id: wordpress-redirection-plugin-listing
info: info:
name: WordPress Redirection Plugin Directory Listing name: WordPress Redirection Plugin Directory Listing
author: dhiyaneshDk author: dhiyaneshDk
severity: low severity: info
description: Searches for sensitive directories present in the wordpress-redirection plugin. description: Searches for sensitive directories present in the wordpress-redirection plugin.
reference: https://www.exploit-db.com/ghdb/6436 reference: https://www.exploit-db.com/ghdb/6436
tags: wordpress,listing tags: wordpress,listing

View File

@ -3,7 +3,7 @@ id: wordpress-woocommerce-listing
info: info:
name: WordPress Woocommerce Plugin Directory Listing name: WordPress Woocommerce Plugin Directory Listing
author: dhiyaneshDK author: dhiyaneshDK
severity: low severity: info
description: Searches for sensitive directories present in the woocommerce wordpress plugin. description: Searches for sensitive directories present in the woocommerce wordpress plugin.
reference: https://www.exploit-db.com/ghdb/6192 reference: https://www.exploit-db.com/ghdb/6192
tags: wordpress,listing tags: wordpress,listing

View File

@ -6,15 +6,15 @@ info:
severity: high severity: high
description: Critical Information Disclosure on WP Courses plugin < 2.0.29 exposes private course videos and materials description: Critical Information Disclosure on WP Courses plugin < 2.0.29 exposes private course videos and materials
tags: wordpress,plugin tags: wordpress,plugin
references: |
# References: - https://www.exploit-db.com/exploits/48910
# - [1] https://www.exploit-db.com/exploits/48910 - https://www.redtimmy.com/critical-information-disclosure-on-wp-courses-plugin-exposes-private-course-videos-and-materials/
# - [2] https://www.redtimmy.com/critical-information-disclosure-on-wp-courses-plugin-exposes-private-course-videos-and-materials/
requests: requests:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/wp-json/wp/v2/lesson/1" - "{{BaseURL}}/wp-json/wp/v2/lesson/1"
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: regex - type: regex
@ -23,10 +23,12 @@ requests:
- "\"(guid|title|content|excerpt)\":{\"rendered\":" - "\"(guid|title|content|excerpt)\":{\"rendered\":"
condition: or condition: or
part: body part: body
- type: word - type: word
words: words:
- "application/json" - "application/json"
part: header part: header
- type: status - type: status
status: status:
- 200 - 200

View File

@ -3,7 +3,7 @@ id: wp-123contactform-plugin-listing
info: info:
name: WordPress 123ContactForm Plugin Directory Listing name: WordPress 123ContactForm Plugin Directory Listing
author: pussycat0x author: pussycat0x
severity: low severity: info
description: Searches for sensitive directories present in the wordpress-plugins plugin. description: Searches for sensitive directories present in the wordpress-plugins plugin.
reference: | reference: |
- https://blog.sucuri.net/2021/01/critical-vulnerabilities-in-123contactform-for-wordpress-wordpress-plugin.html - https://blog.sucuri.net/2021/01/critical-vulnerabilities-in-123contactform-for-wordpress-wordpress-plugin.html

View File

@ -2,7 +2,7 @@ id: wp-arforms-listing
info: info:
name: WordPress Plugin Arforms Listing name: WordPress Plugin Arforms Listing
author: pussycat0x author: pussycat0x
severity: low severity: info
description: Searches for sensitive directories present in the wordpress-plugins plugin. description: Searches for sensitive directories present in the wordpress-plugins plugin.
reference: https://www.exploit-db.com/ghdb/6424 reference: https://www.exploit-db.com/ghdb/6424
tags: wordpress,listing tags: wordpress,listing

View File

@ -2,7 +2,7 @@ id: wp-idx-broker-platinum-listing
info: info:
name: WordPress Plugin Idx Broker Platinum Listing name: WordPress Plugin Idx Broker Platinum Listing
author: pussycat0x author: pussycat0x
severity: low severity: info
description: Searches for sensitive directories present in the wordpress-plugins plugin. description: Searches for sensitive directories present in the wordpress-plugins plugin.
reference: https://www.exploit-db.com/ghdb/6416 reference: https://www.exploit-db.com/ghdb/6416
tags: wordpress,listing tags: wordpress,listing

View File

@ -3,7 +3,7 @@ id: wp-plugin-1-flashgallery-listing
info: info:
name: WordPress 1 flash gallery listing name: WordPress 1 flash gallery listing
author: pussycat0x author: pussycat0x
severity: low severity: info
description: Searches for sensitive directories present in the wordpress-plugins plugin. description: Searches for sensitive directories present in the wordpress-plugins plugin.
reference: https://www.exploit-db.com/ghdb/6978 reference: https://www.exploit-db.com/ghdb/6978
tags: wordpress,listing tags: wordpress,listing

View File

@ -3,7 +3,7 @@ id: wordpress-plugins-lifterlms
info: info:
name: WordPress Plugin lifterlms Listing name: WordPress Plugin lifterlms Listing
author: pussycat0x author: pussycat0x
severity: low severity: info
description: Searches for sensitive directories present in the wordpress-plugins plugin. description: Searches for sensitive directories present in the wordpress-plugins plugin.
reference: https://www.exploit-db.com/ghdb/6420 reference: https://www.exploit-db.com/ghdb/6420
tags: wordpress,listing tags: wordpress,listing

View File

@ -3,7 +3,7 @@ id: wordpress-plugins-ultimate-member
info: info:
name: WordPress Plugin Ultimate Member name: WordPress Plugin Ultimate Member
author: pussycat0x author: pussycat0x
severity: low severity: info
description: Searches for sensitive directories present in the wordpress-plugins plugin. description: Searches for sensitive directories present in the wordpress-plugins plugin.
reference: https://www.exploit-db.com/ghdb/6998 reference: https://www.exploit-db.com/ghdb/6998
tags: wordpress,listing tags: wordpress,listing

View File

@ -3,7 +3,7 @@ id: wp-sfwd-lms-listing
info: info:
name: WordPress Plugin Sfwd-lms Listing name: WordPress Plugin Sfwd-lms Listing
author: pussycat0x author: pussycat0x
severity: low severity: info
description: Searches for sensitive directories present in the wordpress-plugins plugin. description: Searches for sensitive directories present in the wordpress-plugins plugin.
reference: https://www.exploit-db.com/ghdb/6426 reference: https://www.exploit-db.com/ghdb/6426
tags: wordpress,listing tags: wordpress,listing