Adding Wordpress Plugin Scanner

will be merged after next release of nuclei

.nuclei-ignore

@@ -4,4 +4,5 @@ security-misconfiguration/missing-hsts.yaml
 security-misconfiguration/missing-csp.yaml
 security-misconfiguration/basic-cors-flash.yaml
 fuzzing/
-workflows/
+wordlists/
+workflows/

fuzzing/wp-plugin-scan.yaml

@@ -0,0 +1,35 @@
+id: wp-plugin-scan
+info:
+  name: Wordpress Plugin Scanner
+  author: pdteam
+  severity: info
+  description: wordlist based wordpress plugin scanner.
+
+requests:
+
+  - payloads:
+      plugin_wordlist: wordlists/wp-plugins.txt
+
+      # Thanks to RandomRobbieBF for the wordlist
+      # https://github.com/RandomRobbieBF/wordpress-plugin-list
+
+    attack: sniper
+    threads: 50
+
+    raw:
+      - |
+        GET /§plugin_wordlist§ HTTP/1.1
+        Host: {{Hostname}}
+        Accept: application/json, text/plain, */*
+        Accept-Language: en-US,en;q=0.5
+        Referer: {{BaseURL}}
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        words:
+          - "== Description =="